|
|
|
|
|
|
by ahepp
1817 days ago
|
|
|
Well, if they get root on your mongo vm they can still drop all your tables (or ransomware you) right? So would it make a difference in this particular case? Outside the VM tooling probably not being so insane as to bypass the firewall? |
|
|
On a hypervisor, it's much harder for VMs to influence each other.
Linux containers (and docker amongst them) started out as convenient and reasonably performant, and added security later. One patch at a time.
Historically, hypervisors typically started secure and added performance and convenience over time.
(Very simplified. But I used to work for XenSource back in the day.)