Cgroups are important for stability, but they are not a security boundary. They prevent denial-of-service, not escape. A process constrained by cgroups still makes syscalls to the same kernel with the same attack surface.
FT App on Android & iOS
。快连下载安装对此有专业解读
Bibliographic Tools
Материалы по теме: