view the rest of the comments
Selfhosted
A place to share alternatives to popular online services that can be self-hosted without giving up privacy or locking you into a service you don't control.
Rules:
-
Be civil: we're here to support and learn from one another. Insults won't be tolerated. Flame wars are frowned upon.
-
No spam posting.
-
Posts have to be centered around self-hosting. There are other communities for discussing hardware or home computing. If it's not obvious why your post topic revolves around selfhosting, please include details to make it clear.
-
Don't duplicate the full text of your blog or github here. Just post the link for folks to click.
-
Submission headline should match the article title (don’t cherry-pick information from the title to fit your agenda).
-
No trolling.
Resources:
- selfh.st Newsletter and index of selfhosted software and apps
- awesome-selfhosted software
- awesome-sysadmin resources
- Self-Hosted Podcast from Jupiter Broadcasting
Any issues on the community? Report it using the report flag.
Questions? DM the mods!
It's like 20 years of security awareness vanished in an instant.
Why?
Dependency-free doesnt mean they dont have dependencies. Its just that they bundle them all in the executable. When there is a security vulnerability in a library on your Linux system the vendor of your distribution (Canonical, Redhat, SUSE) takes care that it is fixed. All dependent software and libraries are then fixed as well. All I say? Not the ones which have been bundled in the executable. First they need to find out that you are affected and then the maintainer has to update the dependency manually. Often they can only do this after there has been a coordinated release of the fix by the major distributors, which can leave you vulnerable no matter how fast the maintainer is. This is the way it is in Windows. (This was a short summary)
this is the same with every docker container.
Yes, in the sense that you are responsible to update the Docker container and often this can lead to vulnerable containers. No, in the sense that it is much easier to scan for dependencies inside a Docker container and identify vulnerabilities. Also most containers are based on Linux distribution, so those distribute the security fixes for specific libraries. All you have to is update the base image.