Over the past five years infosec has turned into a shitshow of showboating. Every exploit has to have a logo and catchy name. Attacks are widely hyped up despite the conditions for usage being extremely difficult or outright stupid. If you are assigning blanket permissions to a group that shouldn’t have it that is your fault. Obstructing stupidity is not in the scope of the container engine.