Originally posted by oiaohm
View Post
Especially when latency is concerned, you're not going to have thousands of borders to draw. In fact, very little, so it's completely insignificant.
You bring corner cases and sure SSD is not for them but like I said 99.99999% users don't care about restricting with cgroup at all, and even less about "thousands of windows" DoS problem. (btw I did mention this "denial of service" which is a non-issue even if malware)
If you really want isolation then use a proper VM.
Comment