@cm0002@lemmy.world to Programmer Humor@programming.dev • 26 days agoHow Docker was bornlemmy.mlimagemessage-square34fedilinkarrow-up1824arrow-down125
arrow-up1799arrow-down1imageHow Docker was bornlemmy.ml@cm0002@lemmy.world to Programmer Humor@programming.dev • 26 days agomessage-square34fedilink
minus-square@Drasla@lemmy.studiolinkfedilink1•26 days agoYou mean compromised code sneaking into Docker images? Or a DOS on dockerhub?
minus-square@kitnaht@lemmy.worldlinkfedilink2•26 days agoSupply chain attack has a definition. And it has nothing to do with DDoS.
minus-square@roofuskit@lemmy.worldlinkfedilinkEnglish2•26 days agoThey worry about someone replacing the docker image on the hosting server with a malicious modified version for people to pull down during updates.
minus-square@zalgotext@sh.itjust.workslinkfedilink8•26 days agoThis worry exists for literally every 3rd party dependency, not just docker, and is addressed the same way - by running tests and vulnerability scans in a sandboxed test environment before shipping to prod
minus-square@roofuskit@lemmy.worldlinkfedilinkEnglish2•26 days agoI was just answering a question. I had the same response above.
You mean compromised code sneaking into Docker images? Or a DOS on dockerhub?
Supply chain attack has a definition. And it has nothing to do with DDoS.
deleted by creator
They worry about someone replacing the docker image on the hosting server with a malicious modified version for people to pull down during updates.
This worry exists for literally every 3rd party dependency, not just docker, and is addressed the same way - by running tests and vulnerability scans in a sandboxed test environment before shipping to prod
I was just answering a question. I had the same response above.
And I was just adding extra details