A story of Docker, QEMU, and memfd_create()
raimue.blogThis smells like possible security vulnerability. If Docker is passing environment variables meant for the container to the emulator too, there is probably a way to get Qemu to do more unintended things.
i feel sorry for people who uses docker.
falling for marketing or non critical group thinking, and then learning of their bad choices piecemeal for years on
for me i feel bad for solomon, always missing the mark (docker, dagger) yet profiting must be a sobering reminder of how low the bar really is in modern tech (i'm sure he consoles himself just fine with a blanket of $ though!)