The original commenter could be referring to Deno's permission system being similar to Docker's sandboxing, which could be true; I am not familiar enough with Docker to confirm that.

Personally, I tend to run my Deno/Node services using simple SystemD services rather than using docker or running the executable as-is.