DEV Community

Discussion on: How AWS Lambda Works Under The Hood

oliverjumpertz profile image
Oliver Jumpertz Author

It's pretty difficult, if not impossible to make that happen. Firecracker creates its microVMs with KVM, which is a Linux Kernel feature.

It was first merged into the kernel in 2007, and thus had a lot of time to to be penetration tested.

Additionally, the VMs created only run with a very limited device set (even the keyboard device is only implemented to shut down the VM).

So overall those VMs are pretty safe, and even if you manage to get corrupted code into the VM, the likelyhood of it being able to break something is very low. But of course, the chances are never zero that someone still finds a way. 😊

newworldman profile image

Oh, ok, thank you. I was wondering from the standpoint of something not working correctly, maybe contributing to a constant CORS error, but perhaps that wouldn't happen.