For anyone out there who thinks that containers are a sandbox...
There's a reason why gVisor exists:
https://github.com/google/gvisor#why-does-gvisor-exist
There's a reason why secureblue doesn't use containers:
https://news.ycombinator.com/item?id=45045190
There's a reason why Qubes OS doesn't use containers.
For anyone out there who thinks that containers are a sandbox...
There's a reason why gVisor exists:
https://github.com/google/gvisor#why-does-gvisor-exist
There's a reason why secureblue doesn't use containers:
https://news.ycombinator.com/item?id=45045190
There's a reason why Qubes OS doesn't use containers.