this post was submitted on 14 Jun 2023
3 points (100.0% liked)
Self Hosted - Self-hosting your services.
11440 readers
1 users here now
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules
- No harassment
- crossposts from c/Open Source & c/docker & related may be allowed, depending on context
- Video Promoting is allowed if is within the topic.
- No spamming.
- Stay friendly.
- Follow the lemmy.ml instance rules.
- Tag your post. (Read under)
Important
Beginning of January 1st 2024 this rule WILL be enforced. Posts that are not tagged will be warned and if not fixed within 24h then removed!
- Lemmy doesn't have tags yet, so mark it with [Question], [Help], [Project], [Other], [Promoting] or other you may think is appropriate.
Cross-posting
- !everything_git@lemmy.ml is allowed!
- !docker@lemmy.ml is allowed!
- !portainer@lemmy.ml is allowed!
- !fediverse@lemmy.ml is allowed if topic has to do with selfhosting.
- !selfhosted@lemmy.ml is allowed!
If you see a rule-breaker please DM the mods!
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I mean as in renting out servers (VMs), where untrusted people have full root access.
Ah. Yes, I have no plans to do something like that.
My answer still applies. If there’s a remote code exploit that can be used to gain root, running it in a container just gets you root there. Running it in a VM only gets you root there. Both provide layers to protect the underlying OS.
Indeed, VMs are more secure than containers, but they come had a quite heavy price performance wise and are also harder to maintain. With Podman you can manage containers just like any other systemd service, which is really convenient.