Hacker News new | past | comments | ask | show | jobs | submit login

One can always open run this in bash running in a Docker image like so:

  docker run -it ubuntu /bin/bash



True, but remember the wise words of Dan Walsh "Containers Don't Contain" in that if you run as root inside of a container without careful consideration, bad users can absolutely break out, just like in a chroot.

http://www.projectatomic.io/blog/2016/01/how-to-run-a-more-s...

http://www.projectatomic.io/blog/2014/09/yet-another-reason-...

In newer docker, the defaults are really good, but even then, it is worth reading up.


Interesting. Thank you.




Join us for AI Startup School this June 16-17 in San Francisco!

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: