cm0002@lemmy.world to Programmer Humor@programming.dev · 5 days agoHow Docker was bornlemmy.mlexternal-linkmessage-square34fedilinkarrow-up11arrow-down10cross-posted to: programmerhumor@lemmy.ml
arrow-up11arrow-down1external-linkHow Docker was bornlemmy.mlcm0002@lemmy.world to Programmer Humor@programming.dev · 5 days agomessage-square34fedilinkcross-posted to: programmerhumor@lemmy.ml
minus-squareroofuskit@lemmy.worldlinkfedilinkEnglisharrow-up0·5 days agoThey worry about someone replacing the docker image on the hosting server with a malicious modified version for people to pull down during updates.
minus-squarezalgotext@sh.itjust.workslinkfedilinkarrow-up0·5 days agoThis worry exists for literally every 3rd party dependency, not just docker, and is addressed the same way - by running tests and vulnerability scans in a sandboxed test environment before shipping to prod
minus-squareroofuskit@lemmy.worldlinkfedilinkEnglisharrow-up0·5 days agoI was just answering a question. I had the same response above.
minus-squarezalgotext@sh.itjust.workslinkfedilinkarrow-up0·5 days agoAnd I was just adding extra details
They worry about someone replacing the docker image on the hosting server with a malicious modified version for people to pull down during updates.
This worry exists for literally every 3rd party dependency, not just docker, and is addressed the same way - by running tests and vulnerability scans in a sandboxed test environment before shipping to prod
I was just answering a question. I had the same response above.
And I was just adding extra details