It is security boundary but a weak one. Escaping from docker is very hard.
> Escaping from docker is very hard.
You mean a microVM.
A docker LPE (local privilege escalation) requires a kernel exploit such as Copyfail would work under docker but not in a microVM.
alt Hacker News
> Escaping from docker is very hard.
You mean a microVM.
A docker LPE (local privilege escalation) requires a kernel exploit such as Copyfail would work under docker but not in a microVM.