Because it would launch the container, including the SSH daemon, in the unconfined_t domain, giving him a privileged shell and allowing him to escape the SELinux constraints we were trying to enforce.

因为它会在unconfined _ t域中启动容器，包括sshdaemon，这使他能够获得有特权的shell，并且能够绕过我们将要实施的SELinux限制。

youdao

Because it would launch the container, including the SSH daemon, in the unconfined_t domain, giving him a privileged shell and allowing him to escape the SELinux constraints we were trying to enforce.

因为它会在unconfined _ t域中启动容器，包括sshdaemon，这使他能够获得有特权的shell，并且能够绕过我们将要实施的SELinux限制。

youdao