
Docker Puts Focus on Container Security - rajathagasthya
http://techcrunch.com/2015/11/16/docker-puts-focus-on-container-security-tools/
======
david_shaw
I don't know that the YubiKey support will make a huge difference, but user
namespace support is huge. Running services as root -- especially important
things, like web servers, or virtual machines, or containers -- is a big no-no
in security.

Kudos to the Docker team for proactively fixing a complaint I've heard a few
times from security-minded people!

~~~
ibotty
Unfortunately the daemon model bites again: On a host running any docker
containers with user-namespaces, you can't run containers with net or ipc from
the host.

