I’ve read that standard containers are optimized for developer productivity and not security, which makes sense.

But then what would be ideal to use for security? Suppose I want to isolate environments from each other for security purposes, to run questionable programs or reduce attack surface. What are some secure solutions?

Something without the performance hit of VMs

  • boo@beehaw.org
    link
    fedilink
    arrow-up
    1
    ·
    2 years ago

    There can also be old images with e.g. old openssl versions being used. Its not a concern if they are updated frequently, but still manual.

    • dragnucs@lemmy.ml
      link
      fedilink
      arrow-up
      1
      ·
      2 years ago

      This is a problem of the containerized program and the image itself. This problem affect, containers, VM, and baremetal aswel.