Because containers on Linux will never be able to provide this, they are fundame... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		bitfilped 16 days ago \| parent \| context \| favorite \| on: GitLab discovers widespread NPM supply chain attac... Because containers on Linux will never be able to provide this, they are fundamentally insecure from the kernel layer up, adding another OS stack on top (k8s) will never address the underlying mess that Linux containers are fundamentally.

naikrovek 16 days ago [–]

Thank you.

OS-level isolation needs to be a thing. And it needs to be on by default.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact