|
|
|
|
|
|
by 0xbadcafebee
13 days ago
|
|
|
I'm sorry but this is all just apologism/excuses. Docker's had rootless mode for 7 years. The attack surface is the local system, which always has a privilege escalation vuln of some kind, so Docker isn't a game-changer. And lightweight? I have never heard someone say "that Docker daemon is hogging all my resources". |
|
|