lox | 2 years ago

Is this not essentially what docker did with cgroups? It’s incredibly tricky securing containers; I’m not at all confident process-only sandboxes would be adequate.

theossuary|2 years ago

There's a big difference between securing containers, and using them to prevent Adobe from polluting the entire system. Containers are an excellent way to provide lower guarantees of security (though still more than is there currently), with higher usability. Microvms also fit into the model very cleanly and could be used transparently when higher security was required.

The fact that VMs are necessary has shown how much OSes have failed. That we need to take an OS and package it into multiple VMs to get any real isolation is a problem that OSes should solve for.

PaulDavisThe1st|2 years ago

> The fact that VMs are necessary has shown how much OSes have failed.

The fact that VMs exist at all shows how much OSes have succeeded.

xorcist|2 years ago

Docker makes it really hard to do anything with cgroups. Unless you mean letting Docker manage everything about them, in which case you can configure nothing.

Systemd did the cgroups thing right. Apart from the v1/v2 thing, but if you can use only v2 then you do not need to think about it.