Generally, the common wisdom is still that Docker, LXC, and Linux containers in general haven't been audited and hardened enough to use for multi-tenant isolation, so this seems like an odd choice. The article doesn't talk at all about even doing some of the common hardening people might do in these circumstances (limit syscalls with seccomp, get rid of suid binaries, grsec, AppArmor).

I'd be extremely hesitant to trust the sandboxing here.