When running a container:
docker run -it microsoft/windowsservercore powershell
and then entering
Get-WmiObject Win32_PNPEntity
Powershell in the container seems to be able to list all host devices. Is the philosophy of containerization not the isolation of the container from the host environment? What measures exist against the container accessing any of these devices, like the device driver of the host?