Hacker News new | past | comments | ask | show | jobs | submit login

Intuitively this seems plausible. In particular, I'm guessing that return-oriented programming is more difficult in a build with fewer libraries. And just having a custom build based on musl libc, as opposed to the omnipresent Debian and Ubuntu images, might throw off some attackers. I'd appreciate input from a real security expert though.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact