rootless, immutable, and open: rethinking the modern tech stack

There is a shift happening in how serious infrastructure gets built, and it is not the kind of shift that gets keynotes. It is happening quietly, in distro decisions and container defaults and the wording of compliance requirements. The shape of it is three things converging: containers that do not need root, operating systems that you cannot accidentally modify, and a software supply chain where most of the code was written by someone you have never heard of.

I think this is worth taking seriously. The combination is not new in any individual part, but the way it changes how a competent admin actually works is new, and the security model it produces is materially different from what most people grew up with.

On the future.

/ going rootless /

Root on a Linux system has unlimited authority. For decades that was treated as a fact of life: the admin has root, the daemon has root, the container runtime has root, and your security posture is whatever you can build on top of that. Rootless containers break the pattern by running the container runtime inside a user namespace, so the privileges available to anything inside the container are the privileges of an ordinary user on the host.

Tools like Podman and Buildah run as normal users by default. No central daemon sits in the background with elevated privileges. To bind a privileged port you have to explicitly grant the capability, and even then the container does not actually become root on the host.

The mechanics:

/ user namespaces: The kernel remaps an unprivileged host UID to a “fake” root inside the container. The container thinks it is root; the host disagrees. The container cannot read or write files belonging to other users, cannot load kernel modules, cannot touch firmware.

/ user-space networking: slirp4netns and bypass4netns give containers networking without requiring CAP_NET_RAW or any other elevated capability. The performance cost used to be significant; recent work has reduced it to the point where most workloads do not notice.

/ no daemon: Podman starts a container by forking a process. There is no always-on service to compromise, and systemd can supervise containers directly through Quadlet units. Resource accounting works the way it does for any other systemd service.

/ scale: This is not just a desktop pattern. HPC environments use rootless containers in shared multi-user clusters, GPU access included. Singularity and Apptainer extend the model to multi-node setups, and Usernetes runs Kubernetes itself rootless.

The result is a model where the blast radius of a container compromise is bounded by the privileges of the user that started it. That is a meaningfully smaller target than “the host system”.

/ immutable systems /

The next layer is an immutable host OS. The base system is read-only, and updates are applied as atomic snapshots rather than as in-place modifications. Fedora Silverblue, openSUSE MicroOS, Ubuntu Core, NixOS, and Vanilla OS each do this slightly differently, but the principles overlap:

/ read-only base: The OS is delivered as a single image, usually built with OSTree or something similar. Day-to-day changes (new packages, configs) happen in containers or overlays. The base never changes outside of an update transaction. Silverblue’s base is an OSTree snapshot; user apps come via Flatpak, and development tools live in toolbox containers.

/ atomic updates and rollbacks: An update downloads and stages a new snapshot. On reboot, the system boots into the new snapshot. If something fails, you reboot back into the previous one. There is no half-applied state and no “the upgrade failed and now apt is stuck” situation. NixOS takes this further: the whole system is defined in a configuration file, and rebuilding produces a new snapshot that is either complete and bootable or not adopted at all.

/ declarative config: NixOS and Ubuntu Core let you describe the system as code: packages, services, users, kernel options, boot devices. Any change is intentional, and the configuration itself is versionable. You can branch your OS the way you branch your code.

/ apps in containers: Immutable distros lean heavily on container-style packaging for apps. Silverblue uses Flatpak for desktop applications. Vanilla OS uses Apx, which installs each app inside its own container. Ubuntu Core uses Snaps. The pattern is consistent: keep the base image clean and put everything else in isolated, versioned packages.

The advantage in any environment with more than a handful of machines is configuration drift, or the absence of it. Rolling out a config change is a snapshot promotion rather than a per-host patch. Failed updates revert in one reboot. Auditors get a single source of truth for what is actually running.

The trade-off is that admins have to adopt container-based workflows instead of installing libraries directly on the host. For most people that is a net improvement once the muscle memory is built up. For the rest, it is a fight. Either way, the regulatory direction (EU CRA, US executive orders on supply chain, sector-specific compliance) is pushing this way.

/ open source illusions /

On open source vs proprietary.

Open source software is now the substrate of basically everything. The 2024 Black Duck Open Source Security and Risk Analysis report found that 97% of audited codebases contained open source components, and most enterprises in their survey had increased OSS usage year over year. Container and orchestration adoption nearly doubled in the same period.

Transparency is real, and it matters. But transparency is not the same thing as safety. A few problems compound:

/ maintenance lag: An open codebase can be audited, but only if someone actually does it. Most OSS in production is maintained by a small number of contributors, sometimes by one person. The Black Duck audit found 91% of codebases had outdated components and 90% were more than ten versions behind upstream. Finding the code is easy; keeping it patched is the actual work.

/ vulnerability surface: 86% of audited applications had at least one known open source vulnerability, and 81% had at least one high or critical-risk bug. Most of those bugs are not new exploits in obscure libraries. They are old versions of common libraries (the perennial jQuery example) that nobody ever upgraded. Vulnerability scanning and SBOM generation are slowly becoming mandatory practices in regulated industries; about a quarter of organizations now produce SBOMs for compliance reasons.

/ licensing and provenance: 56% of audited codebases had license conflicts. Beyond licensing, there is the question of whether you actually know who wrote the code and whether they followed reasonable security practices. The XZ backdoor in 2024 made this concrete: a long-time maintainer relationship cultivated patiently over years, used to insert a backdoor that nearly shipped in major distributions. That story did not end as badly as it could have, but the pattern is repeatable.

Open source is still the right answer for most cases. Vendor lock-in is real, the ability to audit and patch matters, and a healthy upstream community is worth a lot. The thing to abandon is the implicit assumption that “open” by itself produces “secure”. It does not. It produces “auditable”, which is a precondition. The audit still has to happen, and the patches still have to land.

/ why does this matter /

The trends are converging in production. The 2024 CNCF Cloud Native Survey put cloud-native adoption at 89% of surveyed organizations, with 91% running containers in production or pre-production. Kubernetes is in use or under evaluation at 93% of respondents. Adoption is geographically broad: Europe at 92%, the Americas at 89%, Asia-Pacific at 84%.

Containers and microservices have compressed the deployment cycle. CI/CD adoption climbed 31% in one year, and 29% of teams now deploy to production multiple times per day. Every commit can reach production within hours. In that environment, trusting any single deployment by default is unwise. Every change has to be guarded and reversible.

The cost side has gone the other way. The 2024 IBM/Ponemon Cost of a Data Breach report put the global average at $4.88 million, up 10% from 2023. A third of breaches involved shadow data in storage locations the security team did not know about. Reducing attack surface is no longer an aspirational item.

This is where the three patterns reinforce each other. Rootless containers limit the privileges an attacker actually obtains when a service is compromised. Immutable hosts make persistence hard, because anything an attacker writes to the base system is wiped on the next reboot. Strict open source hygiene (vetted dependencies, SBOMs, prompt patching) reduces the entry path in the first place.

Regulation is pushing in the same direction. The EU Cyber Resilience Act, coming into force in 2027, builds toward provable software supply chain integrity. Sector-specific requirements in finance and healthcare are doing similar work in the US. The rough consensus across regulators is that trust has to be earned and demonstrated, not assumed.

For a hobbyist running a homelab, none of this is binding. For anyone shipping software to other people, it increasingly is. The good news is that the same patterns work at both scales. The setup that keeps a small lab honest is the same setup, scaled up, that keeps an organization defensible.

---

Sources: CNCF Cloud Native Survey 2024, IBM/Ponemon Cost of a Data Breach Report 2024, Red Hat Podman documentation, Black Duck Open Source Security and Risk Analysis 2024, OpenSSF, EU Cyber Resilience Act.