Comment by zmmmmm

effectively, that means it's a VM not a container

because sharing the kernel ultimately means all the devices come along for the ride which give all kinds of fancy ways to communicate with the outside world - network is just the start

I think micro-VMs are the future here, but they need heavy adaptation from their current usage.