Y
Hacker News
new
|
ask
|
show
|
jobs
by
oofbey
242 days ago
A docker container isn’t as bulletproof as a VM but it would certainly block this kind of attack. They’re super fast and easy to spin up.
1 comments
goodpoint
242 days ago
It would not block many other attacks.
link
oofbey
242 days ago
Can you give some examples? I think of my containers as decently good security boundaries, so I'd like to know what I'm missing.
link
kwar13
242 days ago
Containers share resources at the OS level, VMs don't. That's the crucial difference.
link
goodpoint
242 days ago
Containers share the whole kernel (and more) so there's a massive attack surface.
link