Measuring container security

Post Syndicated from jake original https://lwn.net/Articles/773976/rss

There are a lot of claims regarding the relative security of containers
versus virtual machines (VMs), but there has been little effort to
actually measure those differences. James Bottomley gave a talk in the
refereed track of the 2018 Linux Plumbers Conference (LPC) that described
work aimed at filling that gap. He and his colleagues have come up with
a measure that, while not perfect, gives a starting point for further
efforts.