Docker revolutionised the way we think about software deployment. It’s a lightweight, portable, and scalable solution for containerising applications. But there’s a flag—Linus Torvalds. Or more precisely, Linus’s apprehensions with this tech. I have been in the tech space for a good 15 years now. And as far as I can tell, Linus Torvald’s intuition about a piece of technology has never failed him.
Take blockchain for instance. When everyone was going gaga over the technology back in 2020, Linus didn’t seem all that excited. The sheer complexity of the technology bothered him, and he could already see the issues with scalability of such technologies. Similarly, consider his current stance on the AI boom. While he is impressed by the incredible developments taking place, he is not too sold on the whole AGI hype. It’s easy to see that he has a nose for smelling tech ‘bs’ from a mile away and I trust that.
So when it comes to his critique of Docker, I decided to take it seriously and pay close attention to the aspects of the technology that seem to bother him. My hope is that by the end of this article, I may be able to better articulate the issues in Docker from Linus’s perspective, while also providing potential solutions and next steps for this tech.
Architecture
To understand Docker’s security limitations, we need to examine its core architecture, which revolves around Linux features like namespaces and cgroups (control groups). These components are crucial for container isolation, but they’re not designed to provide the kind of security guarantees you’d expect from full virtualisation.
Docker utilises Linux namespaces to create the illusion of isolation by partitioning kernel resources.
Here’s a breakdown of how each namespace contributes.
This story is from the November 2024 edition of Open Source For You.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.
Already a subscriber ? Sign In
This story is from the November 2024 edition of Open Source For You.
Start your 7-day Magzter GOLD free trial to access thousands of curated premium stories, and 9,000+ magazines and newspapers.
Already a subscriber? Sign In
Red Hat unveils Red Hat OpenShift Virtualization Engine
Red Hat OpenShift Virtualization Engine is a new edition of Red Hat OpenShift that offers a dedicated solution for organisations to leverage the virtualisation capabilities already available within Red Hat OpenShift.
Spring AI: A Door to GenAI Heaven for Java Developers
Let's explore the Spring AI framework and its advantages, and look at how it is helping Java developers adopt AI.
Significant security vulnerabilities drive the release of Rsync 3.4
Rsync, the widely used utility for incremental file transfers and synchronisation, has released version 3.4. This update isn't packed with exciting new features but is instead critical due to several newly disclosed security vulnerabilities.
NVIDIA puts Grace Blackwell at every AI developer's fingertips
NVIDIA has introduced NVIDIA Project DIGITS, a groundbreaking personal AI supercomputer designed to empower AI researchers, data scientists, and students NVIDIA® NVIDIA GRACE BLACKWELL with the immense capabilities of the NVIDIA Grace Blackwell platform.
Top Tools for DevOps, Cybersecurity, and Cloud Management in 2025
In 2025, organisations will continue to rely on open source tools to retain a competitive edge. We look at why the best tools for DevOps, cybersecurity and cloud management will remain relevant and how best to integrate them into your organisation.
CREW: Open source platform to improve human-AI interaction
As human-AI collaboration deepens, critical questions arise: How should humans and AI complement one another? What kind of feedback enhances AI training? How can trust in AI be optimised to balance collaboration without over-reliance? Researchers at Duke University are addressing these challenges through CREW-an innovative platform designed to advance human-AI teaming.
Red Hat completes the acquisition of Neural Magic
Red Hat, Inc., has announced the completion of its acquisition of Neural Magic, a trailblazer in software and algorithms that accelerate generative AI (GenAI) inference workloads.
The Do's and Don'ts for Software Architects
Here's a list of best practices for software architects as well as the common mistakes they should try not to fall prey to.
openSUSE's Tumbleweed introduces Wayland support for the LXQt desktop environment
The openSUSE Project has announced that its Tumbleweed rolling release distribution now includes Wayland support for users of the LXQt desktop environment.
A Guide for Software Architects: Common Mistakes and Best Practices
Software architects play an invaluable role in the digital transformation of an organisation. To make a mark, they must imbibe certain qualities and avoid common errors.
