I’ve read that standard containers are optimized for developer productivity and not security, which makes sense.

But then what would be ideal to use for security? Suppose I want to isolate environments from each other for security purposes, to run questionable programs or reduce attack surface. What are some secure solutions?

Something without the performance hit of VMs

  • Guilvareux@feddit.uk
    link
    fedilink
    arrow-up
    1
    arrow-down
    1
    ·
    1 year ago

    With the specific exception of podman compose I completely agree. I haven’t tested it for a while but podman compose has had issues with compose file syntax in my experience. Especially with network configs.

    However, I have been using “docker-compose” with podman’s docker compatible socket implementation when necessary, with great success