|
|
|
|
|
|
by brimble
1510 days ago
|
|
|
Using container features to limit access of a program to the broader machine (disk, network, other processes) seems like it would tend to be more secure than... not doing that. Right? It's not as if I'm exposing any docker remote-control-related stuff to the network. |
|
|
docker adds its own daemon that creates additional attack surface that you would not have otherwise.