
Sandboxing Code in the Era of Containers

25 points | joaojeronimo | 11 years ago | medium.com

3 comments

mirashii | 11 years ago
Generally, the common wisdom is still that Docker, LXC, and Linux containers in general haven't been audited and hardened enough to use for multi-tenant isolation, so this seems like an odd choice. The article doesn't talk at all about even doing some of the common hardening people might do in these circumstances (limit syscalls with seccomp, get rid of suid binaries, grsec, AppArmor).

I'd be extremely hesitant to trust the sandboxing here.
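An added example, not part of the thread or the linked article: a small audit of `docker inspect`-style records for the hardening items named in the comment above (seccomp, suid escalation, AppArmor). The sample records and container names are constructed, and the field names assume the layout of current `docker inspect` output.

```python
import json

# Constructed sample in the shape of `docker inspect` output (not real data).
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/sandbox-weak",
   "AppArmorProfile": "unconfined",
   "HostConfig": {"Privileged": false,
                  "SecurityOpt": ["seccomp=unconfined", "apparmor=unconfined"]}},
  {"Name": "/sandbox-hardened",
   "AppArmorProfile": "docker-default",
   "HostConfig": {"Privileged": false,
                  "SecurityOpt": ["no-new-privileges"]}}
]
""")


def normalize(opt):
    """Older Docker releases wrote 'key:value'; newer ones write 'key=value'."""
    return opt if "=" in opt else opt.replace(":", "=", 1)


def audit_container(record):
    """Return the hardening gaps found in one inspect record."""
    host = record.get("HostConfig") or {}
    opts = [normalize(o) for o in host.get("SecurityOpt") or []]
    findings = []
    if host.get("Privileged"):
        # Privileged mode switches off seccomp, AppArmor and capability limits.
        findings.append("privileged container")
    if "seccomp=unconfined" in opts:
        findings.append("seccomp disabled: no syscall filtering")
    profile = record.get("AppArmorProfile") or "unconfined"
    if profile == "unconfined" or "apparmor=unconfined" in opts:
        findings.append("no AppArmor profile applied")
    if not any(o in ("no-new-privileges", "no-new-privileges=true") for o in opts):
        # Without this flag, suid binaries in the image can still raise privileges.
        findings.append("no-new-privileges unset: suid binaries can escalate")
    return findings


def audit_all(records):
    """Map each container name to its list of findings."""
    return {r.get("Name", "?"): audit_container(r) for r in records}


if __name__ == "__main__":
    for name, findings in audit_all(SAMPLE_INSPECT).items():
        print(name, "OK" if not findings else findings)
```

An empty list only means these specific settings are in place; it says nothing about kernel-level hardening such as grsec, which is not visible in the container's configuration.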

DannoHung | 11 years ago
I don't know if you saw the story about Joyent's Triton dealie-majig yesterday or not, but do you know if the Solaris Zones are considered secure enough for multi-tenancy?

I'm excited about giving that a try, but I'm trying to find out if anyone has really different opinions on how well it can/will work. So far people seem to be really, really positive and I haven't seen much skepticism/criticism yet.