🇦🇺𝕄𝕦𝕟𝕥𝕖𝕕𝕔𝕣𝕠𝕔𝕕𝕚𝕝𝕖@lemm.ee to Programmer Humor@programming.devEnglish · 8 days agoWorks on my machinelemm.eeimagemessage-square30fedilinkarrow-up16arrow-down10
arrow-up16arrow-down1imageWorks on my machinelemm.ee🇦🇺𝕄𝕦𝕟𝕥𝕖𝕕𝕔𝕣𝕠𝕔𝕕𝕚𝕝𝕖@lemm.ee to Programmer Humor@programming.devEnglish · 8 days agomessage-square30fedilink
minus-squareалсааас [she/they]@lemmy.dbzer0.comlinkfedilinkarrow-up0·8 days agoIsn’t Docker massively insecure when compared to the likes of Podman, since Docker has to run as a root daemon?
minus-squarehemko@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up0·8 days agoNot only that but containers in general run on the host system’s kernel, the actual isolation of the containers is pretty minimal compared to virtual machines for example.
minus-squareClent@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up0·8 days agoWhat exactly do you think the vm is running on if not the system kernel with potentially more layers.
minus-squarehemko@lemmy.dbzer0.comlinkfedilinkEnglisharrow-up0arrow-down1·edit-28 days agoVirtual machines do not use host kernel, they run full OS with kernel, cock and balls on virtualized hardware on top of the host OS. Containers are using the host kernel and hardware without any layer of virtualization
Isn’t Docker massively insecure when compared to the likes of Podman, since Docker has to run as a root daemon?
Not only that but containers in general run on the host system’s kernel, the actual isolation of the containers is pretty minimal compared to virtual machines for example.
What exactly do you think the vm is running on if not the system kernel with potentially more layers.
Virtual machines do not use host kernel, they run full OS with kernel, cock and balls on virtualized hardware on top of the host OS.
Containers are using the host kernel and hardware without any layer of virtualization