akimbostrawman 2 days ago
> Containerization or sand-boxing is practically meaningless when punching holes for GPU, Network, media and HMI devices

Many applications don't need these permissions and even the ones that do will be much more secure than having full user space access by default. Someone could exploit the system to gain more access vs someone does not need to do anything because they have full access by default. It's like arguing you don't need a root password because sudo is insecure anyway.
Joel_Mckay 2 days ago | parent
Not really, if some noob deploys janky code they don't understand, then someone will eventually worm it for sure. Containerization has not prevented an uptick in nuisance traffic from Cloud providers, but made it orders of magnitude worse. Qubes, Gentoo, and FreeBSD are all a better place to start if you are interested in this sort of research. Best of luck =3