Home Unlabelled You use docker, i am 99% sure you have security vulnerabilities and few more

You use docker, i am 99% sure you have security vulnerabilities and few more

Image result for docker security

So you use docker to have immutable and deterministic application, That's good.
You most probably use official docker images so that you don't invent the wheel , That's good.
You most probably don't use latest, That's potentially good
You probably don't update the system packages when you build each version, That's NOT good.

The problem is that when you create image, you are responsible to upgrade all relevant system package, same as you do for you app dependencies.

Example of things that can be impacted:
  1. You have old system package which have tons of vulnerabilities
  2. Several programming language like Ruby, NodeJS and other use the system DST info (TZDATA package) to correctly handle DST, old package means bad DST adjustment since DST is a dynamic decision (BR this year decided to SKIP DST)

Remember: you own the thin OS --> and you need to update it!




You use docker, i am 99% sure you have security vulnerabilities and few more You use docker, i am 99% sure you have security vulnerabilities and few more Reviewed by Ran Davidovitz on 11:46 AM Rating: 5

No comments:

Post a Comment

Subscribe to: Post Comments ( Atom )
Powered by Blogger.