I see Docker mentioned every other thread and was wondering how useful it is for non development things, and if so what they are.

  • tal@lemmy.today
    link
    fedilink
    English
    arrow-up
    3
    ·
    8 months ago

    Also, if server software running in a container gets compromised, hopefully the container can contain the compromise from spreading to the rest of the system.

    • JVT038@feddit.nl
      link
      fedilink
      English
      arrow-up
      1
      ·
      8 months ago

      Depends.

      If there are no external volumes and the container is in its own network without any other containers, then any malware in the container shouldn’t be able to reach / affect the host server, because it’s isolated.

      • evranch
        link
        fedilink
        English
        arrow-up
        1
        ·
        8 months ago

        Even with external volumes, I don’t think there should be any mechanism where a container can escape a bind mount to affect the rest of the host fs? I use bind mounts all the time, far more than docker volumes.