[$] Measuring container security

There are a lot of claims regarding the relative security of containersversus virtual machines (VMs), but there has been little in the way ofactually trying to measure those differences. James Bottomley gave a talkin the refereed track of the 2018 Linux Plumbers Conference (LPC)that described work that targets filling in that gap. He and his colleagueshave come up with a measure that, while not perfect, gives a starting point for furtherefforts.