diff -u: What's New in Kernel Development December 2014Dec 14, 2014, 22:00 (0 Talkback[s])
(Other stories by Zack Brown)
Containers are very tricky to implement. Trying to isolate sets of resources from each other completely, so that they resemble a discrete system, and doing it in a secure way, has to be addressed on a feature-by-feature basis, with many caveats and uncertainties. Over time, this makes the core kernel code more secure and robust, but each individual feature may have surprising issues.
0 Talkback[s] (click to add your comment)