There are things that can be done to enhance the defaults that docker currently provides (b/c defaults are hard to change when you have millions of users), but a process running in a default docker container is absolutely more secure than a process running outside of a container.
There are things that can be done to enhance the defaults that docker currently provides (b/c defaults are hard to change when you have millions of users), but a process running in a default docker container is absolutely more secure than a process running outside of a container.