I use containers on my development machine to limit the damage that can be done when I fall victim to malware stuffed into a development package. Surely it will not stop a targeted attack. But generic malware does not yet bother to try to escape from containers. So it does give some protection.
Surely using a VM will give even better protection while allowing for a simpler kernel, but as the compilation requires up to 16GB of RAM and may take up to 2 hours, using a VM will add an overhead that I cannot afford.