Sujet : Re: lightweight virtualization
De : ldo (at) *nospam* nz.invalid (Lawrence D’Oliveiro)
Groupes : comp.sys.raspberry-piDate : 07. Sep 2025, 22:25:06
Autres entêtes
Organisation : A noiseless patient Spider
Message-ID : <109kt7i$3tta6$4@dont-email.me>
References : 1 2 3 4 5 6
User-Agent : Pan/0.163 (Kryvyi Rih)
On Sun, 7 Sep 2025 08:29:21 -0000 (UTC), Jimmy Logan wrote:
On 2025-09-07, Lawrence D’Oliveiro <ldo@nz.invalid> wrote:
>
On Sat, 6 Sep 2025 18:10:52 -0000 (UTC), Jimmy Logan wrote:
>
The other end of of the spectrum would be hand crafted chroot ...
>
chroot is useless for proper isolation.
>
You're right, chroot can never be considered a secure isolation, but
for separating 'service packages' from 'host os packages', might be
enough, I mean, service running in chroot would not be "less secure"
than running it from the host, agree?
Containers would be more reliable.
…