I see Docker mentioned every other thread and was wondering how useful it is for non development things, and if so what they are.

  • @[email protected]
    link
    fedilink
    English
    39 months ago

    Also, if server software running in a container gets compromised, hopefully the container can contain the compromise from spreading to the rest of the system.

    • @[email protected]
      link
      fedilink
      English
      19 months ago

      Depends.

      If there are no external volumes and the container is in its own network without any other containers, then any malware in the container shouldn’t be able to reach / affect the host server, because it’s isolated.

      • @[email protected]
        link
        fedilink
        English
        19 months ago

        Even with external volumes, I don’t think there should be any mechanism where a container can escape a bind mount to affect the rest of the host fs? I use bind mounts all the time, far more than docker volumes.