On Thu, Jun 16, 2016 at 04:33:12PM -0400, Rich Freeman wrote
> On Thu, Jun 16, 2016 at 4:11 PM, Alan McKinnon <[email protected]>
> wrote:
> >
> > I don't see the part where all these latest fancy container thingymagicies
> > are not really just "embed everything in everything"
> >
> > We've known for years the dangers of embedding stuff in packages (it hardly
> > ever gets updated properly)
> >
>
> Well, that strikes me as being true of these self-contained packages,
> but it isn't necessarily true of containers in general.
>
> I run most of my services in containers, and they're just Gentoo
> installations with a really small world file. Things are just as
> up-to-date as they would be if I ran it all in a single host.
>
> Now, if you're the sort of person who just grabs some random docker
> image from who knows where, then sure you're getting a big bundle of
> stuff that may or may not be maintained for security. This is no
> different.

  I don't follow this stuff, so this may be a stupid question... how
does a "container" or "docker" differ from a chroot or a QEMU VM with a
minimal set of applications?

--
Walter Dnes <[email protected]>
I don't run "desktop environments"; I run useful applications

