| ▲ | zuzululu 5 hours ago | |||||||
good stuff man i just installed it and its super fast im just not sure is this really secure to run untrusted code i can't find any white papers | ||||||||
| ▲ | binsquare 4 hours ago | parent [-] | |||||||
the underlying vmm is libkrun: https://github.com/libkrun/libkrun is battle tested and used for podman. It provides kernel isolation for running untrusted code which is a security boundary that traditional containers can't guarantee. I'm engaged with a third party security penetration company for their review, and will be happy to share it publicly when it is available. | ||||||||
| ||||||||