Containers

Firejail

One big thing for me over the last few years is containers, security confinement and sandboxes. It’s not a new thing, but in the Linux space a lot of interesting tooling around these technologies has appeared over the last years. One of them are Firejail, it’s a simple tool that can apply security constraints to an application. For example, I write this in the Markdown editor Abricotine now. All scary syscalls dropped, contained and in it’s own network namespace with no network access.

Containers

One thing that has become really interesting over the last year is Docker. It has evolved quickly and built up an ecosystem with a really active community. At work, we started to migrate from a old monolithic infrastructure to a service based infrastructure. We are deploying a mix of different platforms and tools and are trying to keep us independent of specific tools, we think it is too early to see who is the winners, and what platform or project that still will be around in five years.