• oshu@lemmy.world
    link
    fedilink
    English
    arrow-up
    0
    ·
    2 months ago

    Keeping containers up to date for security and bugfixes is just as important as OS packages.

    • ntn888@lemmy.mlOP
      link
      fedilink
      English
      arrow-up
      0
      arrow-down
      2
      ·
      2 months ago

      yeah, but any update failure of a container is less fatal. and only affects the isolated service… it’s way easy to manage this situation than an unbootable server.

      • oshu@lemmy.world
        link
        fedilink
        English
        arrow-up
        1
        ·
        2 months ago

        How so? if I compromise a containerized app I get all the data that app has access to.

        From a security standpoint, each and every container running actually increases the potential attack surface.