Hacker News new | ask | show | jobs
by progval 1947 days ago
For security by isolation, you don't even need containers. Just run each application as its own user.

This is already done by most (all?) daemons packaged in Debian that don't need to be root.