[-] kitnaht@lemmy.world 18 points 1 day ago

The biggest problem that I have with docker is, honestly, the fear of a supply-chain attack.

[-] Drasla@lemmy.studio 1 points 1 day ago

You mean compromised code sneaking into Docker images? Or a DOS on dockerhub?

[-] roofuskit@lemmy.world 2 points 23 hours ago

They worry about someone replacing the docker image on the hosting server with a malicious modified version for people to pull down during updates.

[-] zalgotext@sh.itjust.works 8 points 22 hours ago

This worry exists for literally every 3rd party dependency, not just docker, and is addressed the same way - by running tests and vulnerability scans in a sandboxed test environment before shipping to prod.

[-] roofuskit@lemmy.world 2 points 22 hours ago

I was just answering a question. I had the same response above.

[-] zalgotext@sh.itjust.works 2 points 21 hours ago

And I was just adding extra details.

[-] kitnaht@lemmy.world 2 points 1 day ago

Supply chain attack has a definition. And it has nothing to do with DDoS.

[-] GreenKnight23@lemmy.world 4 points 1 day ago

DDoS is vaguely related to a supply chain attack in the sense that it can be used as a distraction to implement said chain attack. It was a pretty common tactic at one point.

  • disrupt services
  • implement bad library in backups as all focus turns to production
  • destroy production enough to require a restore

I think this is what they meant, but it's a stretch.

this post was submitted on 24 Feb 2025
727 points (97.5% liked)

Programmer Humor
