by jacques_chester 3382 days ago
Sometimes you have endpoint A and endpoint B.

They are part of the same app.

They should not have the same level of privilege.

The secrets in endpoint A's memory should not be visible to endpoint B and vice versa.

Containers increase assurance that this is so.

2 comments

Databases have had table-level privileges for decades. Not quite the same, but it's easy enough to use it for the same purpose.
I agree with you.

But if a single process has the single account on the database, how do you partition those permissions? Simply providing multiple logins won't help if you assume hostile code is in your process space.

On the other hand, if each service has its own login, then the database can enforce lowest authority for each. A compromise of one service isn't a game over scenario.

It's the difference between having a single account with the union of all permissions, or disjoint sets.
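
The contrast drawn in the comment above, a single account holding the union of all permissions versus one login per service with disjoint grants, written out as an added example that is not part of the original thread. It assumes PostgreSQL; the table names, role names and passwords are hypothetical placeholders.

```sql
-- Added example (not from the thread). Assumes PostgreSQL, run as the table owner.
-- Constructed schema: each table is needed by only one endpoint.
CREATE TABLE payment_tokens (
    id          serial PRIMARY KEY,
    customer_id int  NOT NULL,
    token       text NOT NULL
);
CREATE TABLE page_views (
    id        serial PRIMARY KEY,
    path      text NOT NULL,
    viewed_at timestamptz NOT NULL DEFAULT now()
);

-- Weak layout: one login with the union of every permission the app needs.
-- Code running anywhere in the app can reach both tables through it.
CREATE ROLE app_all LOGIN PASSWORD 'PLACEHOLDER-app-all';
GRANT SELECT, INSERT, UPDATE, DELETE ON payment_tokens, page_views TO app_all;
GRANT USAGE ON ALL SEQUENCES IN SCHEMA public TO app_all;

-- Partitioned layout: one login per service, disjoint grants.
CREATE ROLE svc_endpoint_a LOGIN PASSWORD 'PLACEHOLDER-endpoint-a';
CREATE ROLE svc_endpoint_b LOGIN PASSWORD 'PLACEHOLDER-endpoint-b';

-- Make sure nothing is inherited through PUBLIC.
REVOKE ALL ON payment_tokens, page_views FROM PUBLIC;

-- Endpoint A handles payment tokens and nothing else.
GRANT SELECT, INSERT ON payment_tokens TO svc_endpoint_a;
GRANT USAGE ON SEQUENCE payment_tokens_id_seq TO svc_endpoint_a;

-- Endpoint B only appends page views; it cannot even read them back.
GRANT INSERT ON page_views TO svc_endpoint_b;
GRANT USAGE ON SEQUENCE page_views_id_seq TO svc_endpoint_b;

-- Audit: list what each login can actually do on each table.
SELECT r.rolname,
       t.tbl,
       has_table_privilege(r.rolname, t.tbl, 'SELECT') AS can_select,
       has_table_privilege(r.rolname, t.tbl, 'INSERT') AS can_insert,
       has_table_privilege(r.rolname, t.tbl, 'DELETE') AS can_delete
FROM pg_roles AS r
CROSS JOIN (VALUES ('payment_tokens'), ('page_views')) AS t(tbl)
WHERE r.rolname IN ('app_all', 'svc_endpoint_a', 'svc_endpoint_b')
ORDER BY r.rolname, t.tbl;
```

The database can only enforce the split if each service connects with its own credentials and does not hold the other service's password in its process memory.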

systemd can do the same thing. The only thing that docker or containers add is immutability.
Cloud Foundry uses Garden which uses runC. But our Garden had a container system that predated docker and nspawn. So probably another case of Not Invented Yet Syndrome.