[cblackthornekc]

We do this very thing at my work. When you have a million and one guidelines around what can and can't be installed on a device. Especially on one that has access to the internet, it is easy to say here is this container that has no access to the internet. That seems to make infosec happy. Also, makes local testing difficult if you need access to a web based API.

The other issue you do have is the issue of configuring them for each application, but luckily most teams have had at least one or two people take up the role of maintaining the images and the startup scripts.

[GordonS]

On one of my Windows work laptops, the restrictions placed on devs are ridiculous, they won't even grant admin rights. Instead they have some bug-ridden software installed that let's you elevate specific apps. You need to request access to those apps, and your request goes through a weeks or even months long process before you get a response. If granted, you need to enter your username and password for each elevation, every single time.

This machine has hyper-v installed, so I created a Windows 10 VM and worked in that fullscreen, permanently.

Gods but I hate working for this mega corp!