Security is one of the most controversial topics in the software industry. How do you measure security? Is your favorite software fundamentally insecure? Are Docker containers secure?
Dan Walsh, SELinux architect, wrote: “Some people make the mistake of thinking of containers as a better and faster way of running virtual machines. From a security point of view, containers are much weaker.” Meanwhile, James Bottomley, Linux Maintainer and former Parallels CTO, wrote: “There’s contentions all over the place that containers are not actually as secure as hypervisors. This is not really true. Parallels and Virtuozo, we’ve been running secure containers for at least 10 years.” To add to the mix, Theo de Raadt, OpenBSD project lead, wrote back in 2007: “You are absolutely deluded, if not stupid, if you think that a worldwide collection of software engineers who can’t write operating systems or applications without security holes, can then turn around and suddenly write virtualization layers without security holes.”