|
|
Subscribe / Log in / New account

The Rocket containerization system

The Rocket containerization system

Posted Dec 11, 2014 6:08 UTC (Thu) by Mook (subscriber, #71173)
In reply to: The Rocket containerization system by dlang
Parent article: The Rocket containerization system

> why in the world would you trust an image from a website that anyone can upload to? that's worse than just downloading and executing random binaries.

> Now, a recipe for building an image from distro X would be reasnable (I think Fedora calls this a kickstart definition)

My understanding is that that's pretty much how the docker hub thing works; it grabs a recipe possibly with associated files, runs it on their servers, and exposes the result.

Of course, that means you should probably read that recipe and figure out if the associated files (and actions in the recipe, any downloads that does, etc.) might be dangerous before actually grabbing the image. Their last release was about vulnerabilities when pulling evil images...

to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds