Y
Hacker News
new
|
ask
|
show
|
jobs
by
gammalost
809 days ago
It is a security measure. Sure it doesn't secure anything in the container itself. But it secures the container from other containers. Code can (as proven) not be trusted, but the area of effect can be reduced.
1 comments
65a
808 days ago
Only with additional hardening between the container and the kernel and hardware itself.
link