I am replacing docker with podman on more and more systems. My biggest pitfall so far: Containers that require me to mount the Docker Daemon inside so they can spawn new ones... (I am looking at you gitlab-runner)

I mean, who thought it was a good idea to give containers that execute "random" code the power to spawn new containers? 🙀