On Thu, Nov 24, 2016 at 03:19:49PM +0100, Martin Kühne via arch-general wrote:
> This whole sandboxing and containerisation idiocy is such a pain.
Containers are useful — I'm saying this as an admin with 10 years of experience. Having semi-isolated, controlled environments for testing, building, or just plain not having useless packages pile up on the host is really convenient.

Having said that, I think using them to isolate programs is an entirely wrong approach to security. From my experience, making something more complex almost never leads to it being more robust or secure. Another level of abstraction means new bugs — and security holes, of course — which is the complete opposite of what we're trying to solve.

What's more, it will harm the ecosystem in general IMO. Even now I see projects abandoning any efforts to make their software packageable: just drop this docker container into your system and you'll be fine! Of course you now have to rely on the upstream to update the container, AND it's built on a system that is very different from what you're using in your environment, but who cares, it's a container! So convenient! So safe!

I went on a rant there — as I often do — but eh, that's my two cents.

P.S. To be fair, this approach isn't limited to containers or snap/flatpak packages, and it's nothing new. Gitlab and Chef are mainly distributed as a single isolated environment that might as well be a container: drop the whole thing into /opt and let it do the rest. Gitlab has its own chef inside, FFS.

BTW, has anyone managed to get the chef server running on an Arch install? I'm seriously asking.