{"id":2277,"date":"2016-05-27T00:06:16","date_gmt":"2016-05-27T00:06:16","guid":{"rendered":"https:\/\/www.couchbase.com\/blog\/?p=2277"},"modified":"2016-05-27T00:06:16","modified_gmt":"2016-05-27T00:06:16","slug":"containers-security-double-dipping","status":"publish","type":"post","link":"https:\/\/www.couchbase.com\/blog\/containers-security-double-dipping\/","title":{"rendered":"Containers, Security, Double Dipping"},"content":{"rendered":"

One of the common misconception about containers<\/a> is that they act as light VMs. Which would make you think they are perfectly isolated. It's not true. While they all give you some level of isolation, they all share a common kernel. And that is the main idea actually. Containers are lightweight because you don't have to emulate the whole thing, because they share a common kernel.<\/p>\n

Running your containers in production on some cloud provider might put you in a situation where your container will share a kernel with some unknown container. Does this make you uncomfortable?<\/p>\n

The Double Dipping Analogy<\/h2>\n

Pretend you are at a party. And you are sharing a dip with someone. And that someone double dips. Do you keep sharing? If that someone is your significant other and you are of a trusting nature you will probably continue. If you absolutely don't know that person, you are a lot less likely to continue. And then let's say some people are adventurous, or maybe you are Bear Grylls. And by the way you'll find answers to all your double dip questions on this article<\/a>.<\/p>\n