Use it for for operational isolation, not for critical security isolation.
At the same time, going back to the initial quote:
> solution architects from Amazon and he wasn't sure if Docker is ready for PII data
A lot of companies are using containers to execute code that manages all kinds of regulated data right now, ya?
The security limitations of Linux namespaces and friends are mostly related to the execution of untrusted code.
At the same time, going back to the initial quote:
> solution architects from Amazon and he wasn't sure if Docker is ready for PII data
A lot of companies are using containers to execute code that manages all kinds of regulated data right now, ya?
The security limitations of Linux namespaces and friends are mostly related to the execution of untrusted code.