It’s because when it’s said aloud, many of us just truncate the “have” ('ve) and it sounds like “of”. Then we go to type it and often type what we think it sounds like…
The short answer is that Docker (and other containerization technologies) share the Linux kernel with the host. The Linux kernel is very complicated and shouldn’t be trusted to be vulnerability free. Exploitable bugs are regularly discovered in the Linux kernel (and Windows and Darwin). No serious companies separate different tenets with just container technology. Look at GCP, AWS, DigitalOcean… they all use hardware virtualization which is much simpler and much more likely to be secure (but even then bugs are found on occasion).
So in theory it is secure, but it is just too complex to rely on. I say that docker is good for “mostly trusted” isolation. Different organizations in the same companies, different software that isn’t actively trying to be malicious. But shouldn’t be used to separate different untrusted parties.
It is moments like this where I wished docker didn’t exist. Could have made some news headlines.
or
Could of’d made
Is this considered chaotic neutral
How dare you correct my high in the morning ass!
That being said, I made the edit. I bet it made the comment better.
My sincerest apologies for killing a delectable morning buzz, but my eye twitches due to my slight 'tism when I see the “should/could of” error.
It’s not you. It’s me.
I don’t think you could of handled the correction any better
ducks
ಠ_ಠ *eye twitch intensifies*
(Sighs)
I wonder if this is a mistake only native speakers do, because I (as non native speaker) don’t understand why anyone would mistake “of” for “have”.
It’s because when it’s said aloud, many of us just truncate the “have” ('ve) and it sounds like “of”. Then we go to type it and often type what we think it sounds like…
No problem man I understand. I accept your 'tism and hope you having a good day.
And if not take a hit 😎
This toke’s for you!
I hope they are using more than just docker for isolation 😅 Each user should be running in a different VM for security.
The only fuckers who are getting their own VM is enterprise lol. I can’t imagine they give that much of a fuck about their average user.
I ask out of ignorance - Why is docker insufficient for isolation?
The short answer is that Docker (and other containerization technologies) share the Linux kernel with the host. The Linux kernel is very complicated and shouldn’t be trusted to be vulnerability free. Exploitable bugs are regularly discovered in the Linux kernel (and Windows and Darwin). No serious companies separate different tenets with just container technology. Look at GCP, AWS, DigitalOcean… they all use hardware virtualization which is much simpler and much more likely to be secure (but even then bugs are found on occasion).
So in theory it is secure, but it is just too complex to rely on. I say that docker is good for “mostly trusted” isolation. Different organizations in the same companies, different software that isn’t actively trying to be malicious. But shouldn’t be used to separate different untrusted parties.