I don’t have in-depth knowledge of the differences and how big that is. So take the following with a grain of salt.
My main point is that using containerization is a huge security improvement. Podman seems to be even more secure. Calling Docker massively insecure makes it seem like something we should avoid, which takes focus away from the enormous security benefit containerization gives. I believe Docker is fine, but I do use Podman myself, but that is only because Podman desktop is free, and Docker files seem to run fine with Podman.
Edit: After reading a bit I am more convinced that the Podman way of handling it is superior, and that the improvement is big enough to recommend it over Docker in most cases.
ofc containerisation is still better than running it natively in terms of security (which is why I said “compared to Podman”), but that’s kind of mostly a side effect of it’s main thing: reproducible runtime environments.
It’s not rly good security tho afaik and shouldn’t be relied upon in that regard at all, but I don’t know too much about it
I don’t have in-depth knowledge of the differences and how big that is. So take the following with a grain of salt.
My main point is that using containerization is a huge security improvement. Podman seems to be even more secure. Calling Docker massively insecure makes it seem like something we should avoid, which takes focus away from the enormous security benefit containerization gives. I believe Docker is fine, but I do use Podman myself, but that is only because Podman desktop is free, and Docker files seem to run fine with Podman.
Edit: After reading a bit I am more convinced that the Podman way of handling it is superior, and that the improvement is big enough to recommend it over Docker in most cases.
ofc containerisation is still better than running it natively in terms of security (which is why I said “compared to Podman”), but that’s kind of mostly a side effect of it’s main thing: reproducible runtime environments. It’s not rly good security tho afaik and shouldn’t be relied upon in that regard at all, but I don’t know too much about it
deleted by creator