Skip to content
Better HN
Top
Best
Ask
Show
New
Jobs
Search
⌘K
0 points
oofbey
8mo ago
0 comments
Save
Share
A docker container isn’t as bulletproof as a VM but it would certainly block this kind of attack. They’re super fast and easy to spin up.
0 comments
4 comments · 1 top-level
top
newest
oldest
goodpoint
8mo ago
· 3 in thread
It would not block many other attacks.
oofbey
OP
8mo ago
Can you give some examples? I think of my containers as decently good security boundaries, so I'd like to know what I'm missing.
kwar13
8mo ago
Containers share resources at the OS level, VMs don't. That's the crucial difference.
goodpoint
8mo ago
Containers share the whole kernel (and more) so there's a massive attack surface.
j
/
k
navigate · click thread line to collapse
