(no title)
gbxk|4 months ago
It is well known that containers do not provide you with safe isolation. It is not their purpose. They share the kernel and page cache with the host. Any kernel exploit gives someone in a container potential root control of the host (see DirtyPipe, DirtyCow). That's why you need VM-level isolation.
unknown|4 months ago
[deleted]
innanet-worker|4 months ago
gbxk|4 months ago