Funny you say the docker is not for security (it’s there in the manual) but then... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		pdpi on Dec 17, 2019 \| parent \| context \| favorite \| on: #include </etc/shadow> Funny you say the docker is not for security (it’s there in the manual) but then suggest chroot of all things — that is just as well documented as not being meant for security!

eeZah7Ux on Dec 17, 2019 [–]

On the contrary, docker increases the attack surface.

pdpi on Dec 17, 2019 | [–]

The point is that neither tool has a security focus, any security characteristics they might have are incidental and not at all guaranteed, and so neither should be used for that purpose.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact