@cm0002 to Programmer [email protected] • 11 hours agoHow Docker was bornlemmy.mlimagemessage-square33arrow-up1571arrow-down114
arrow-up1557arrow-down1imageHow Docker was bornlemmy.ml@cm0002 to Programmer [email protected] • 11 hours agomessage-square33
minus-square@roofuskitlinkEnglish2•6 hours agoThey worry about someone replacing the docker image on the hosting server with a malicious modified version for people to pull down during updates.
minus-square@[email protected]linkfedilink5•5 hours agoThis worry exists for literally every 3rd party dependency, not just docker, and is addressed the same way - by running tests and vulnerability scans in a sandboxed test environment before shipping to prod
minus-square@roofuskitlinkEnglish1•4 hours agoI was just answering a question. I had the same response above.
They worry about someone replacing the docker image on the hosting server with a malicious modified version for people to pull down during updates.
This worry exists for literally every 3rd party dependency, not just docker, and is addressed the same way - by running tests and vulnerability scans in a sandboxed test environment before shipping to prod
I was just answering a question. I had the same response above.
And I was just adding extra details