Added a comment

2021-03-30 16:21:14 +00:00 · 2021-03-30 16:21:14 +00:00 · a366e9d0fc
commit a366e9d0fc
parent 568f1c421b
1 changed files with 8 additions and 0 deletions
--- a/doc/todo/dockerized_external_special_remotes/comment_5_4e09e2a08f07924ef791d63da56df066._comment
+++ b/doc/todo/dockerized_external_special_remotes/comment_5_4e09e2a08f07924ef791d63da56df066._comment
@ -0,0 +1,8 @@
+[[!comment format=mdwn
+ username="Lukey"
+ avatar="http://cdn.libravatar.org/avatar/c7c08e2efd29c692cc017c4a4ca3406b"
+ subject="comment 5"
+ date="2021-03-30T16:21:10Z"
+ content="""
+IMHO, docker is too insecure to auto-install, enable and execute random special-remote programs. It has a extremely large attack surface (syscalls, ioctls, etc.) compared to, say, virtual machines. [And people regularly are able to break out of the latter](https://en.wikipedia.org/wiki/Virtual_machine_escape).
+"""]]