|
|
|
|
|
|
by dbolgheroni
902 days ago
|
|
|
So many misconceptions in the same answer. eBPF is for observability, and letting you run privileged programs inside the kernel space (even with protections) can actually increase the potential attack surface. Containerization is not and was never a security measure. |
|
|