Hacker News new | ask | show | jobs
by cute_boi 1 day ago
It is security boundary but a weak one. Escaping from docker is very hard.
1 comments
rvz 1 day ago
> Escaping from docker is very hard.

You mean a microVM.

A docker LPE (local privilege escalation) requires a kernel exploit such as Copyfail would work under docker but not in a microVM.

link