Y
Hacker News
new
|
ask
|
show
|
jobs
by
ajb
146 days ago
Theoretically, they have a smaller attack surface. The programs inside the VM can't interact directly with the host kernel.