Rocket, a new container runtime from CoreOS [LWN.net]

Rocket, a new container runtime from CoreOS

Posted Dec 2, 2014 18:16 UTC (Tue) by drag (guest, #31333)
In reply to: Rocket, a new container runtime from CoreOS by ibukanov
Parent article: Rocket, a new container runtime from CoreOS

Having something that is insecure and works now is always preferable to something that is secure and doesn't exist yet.

to post comments

Rocket, a new container runtime from CoreOS

Posted Dec 2, 2014 18:21 UTC (Tue) by droundy (guest, #4559) [Link] (1 responses)

I think that depends on the item in question. In some cases, it is better to have nothing rather than something that is broken. e.g. I'd rather have no online banking than online banking that allows someone what l else to take all my money. I'm not sure that docker is in that category, but an insecure convenience tool doesn't sound good.

Rocket, a new container runtime from CoreOS

Posted Dec 2, 2014 19:58 UTC (Tue) by drag (guest, #31333) [Link]

Well they just don't talk about security.

I never said it's a good policy. Personally I find it counter productive to treat security as a bolt-on, but that's just how things work in my experience.

Rocket, a new container runtime from CoreOS

Posted Dec 2, 2014 19:34 UTC (Tue) by mathstuf (subscriber, #69389) [Link]

Oddly, people then get into the rut of "if it ain't broke, don't fix it" when higher-ups say "Huh? Security costs how much? It works now right and hasn't had any issues?". If you know you need security, then work towards it. Putting it on the "Nice To Have" list usually puts it into a completely different timeframe, IME.