I think that you're missing the point (or at least talking around it). Namely - what is your timeline for actually securing Docker? Features like `docker cp` are nice, but don't help me when I really can't use Docker securely in production until things like user namespaces are running. I have multi-tenant systems and right now the only way for me to run Docker securely is to use it w/in a VM.
Certainly, it will take time to battle-test anything, so the sooner that feature has been released, the sooner that we can get started doing the battle-testing.
It would be helpful to have a clearer roadmap for features like this.
Certainly, it will take time to battle-test anything, so the sooner that feature has been released, the sooner that we can get started doing the battle-testing.
It would be helpful to have a clearer roadmap for features like this.