Comment on Docker - what use is it?
tal@lemmy.today 10 months agoAlso, if server software running in a container gets compromised, hopefully the container can contain the compromise from spreading to the rest of the system.
Comment on Docker - what use is it?
tal@lemmy.today 10 months agoAlso, if server software running in a container gets compromised, hopefully the container can contain the compromise from spreading to the rest of the system.
JVT038@feddit.nl 10 months ago
Depends.
If there are no external volumes and the container is in its own network without any other containers, then any malware in the container shouldn’t be able to reach / affect the host server, because it’s isolated.
evranch@lemmy.ca 10 months ago
Even with external volumes, I don’t think there should be any mechanism where a container can escape a bind mount to affect the rest of the host fs? I use bind mounts all the time, far more than docker volumes.