Operations containment
Dokuru proof stays in its own operations route.
The customer shop remains a real online shopping experience. This page is for before/after runtime evidence during the hardening demo.
Checkout status
healthy
0ms latency
Memory held
0 MiB
memory.max: loading
PIDs
loading
helpers: 0
Before/after checklist
Before `5.16`, invoice renderer can see PostgreSQL neighbor process.
After `5.16`, same action prints no postgres PID visible.
Before `5.11`, memory.max is unbounded and checkout can degrade.
After cgroup fixes, pressure stays inside the vulnerable service.
Runtime evidence
PID namespace
loadingUser namespace
loadingUID map
loadingTop processes
loading