“This post reviews the various security implications of using Docker to run applications within containers, and how to address them.
There are three great areas to consider:
the intrinsic security of containers, as implemented by namespaces and cgroups;
the specific attack surface of the Docker daemon itself;
the “hardening” security features of the kernel and how they interact with containers…”