I’ve read that standard containers are optimized for developer productivity and not security, which makes sense.

But then what would be ideal to use for security? Suppose I want to isolate environments from each other for security purposes, to run questionable programs or reduce attack surface. What are some secure solutions?

Something without the performance hit of VMs

    • Tiuku@sopuli.xyz
      link
      fedilink
      arrow-up
      2
      ·
      1 year ago

      Unlike docker, podman doesn’t try to do everything on it’s own. There’s a separate tool known as buildah which builds containers from dockerfiles just fine.

      Ps. More generally, they’re called containerfiles.