I’ve read that standard containers are optimized for developer productivity and not security, which makes sense.
But then what would be ideal to use for security? Suppose I want to isolate environments from each other for security purposes, to run questionable programs or reduce attack surface. What are some secure solutions?
Something without the performance hit of VMs
I dont have much idea about SELinux, apart from the name. But I think the problem I was having was specifically wrt uid, with docker I used to add user with the same uid/gid as the host user, as a developer this would help me with debugging. But this differs with the non root setup.