Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Discuss
  3. Docker hardened images?

Docker hardened images?

Scheduled Pinned Locked Moved Discuss
5 Posts 5 Posters 74 Views 5 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • samukS Offline
    samukS Offline
    samuk
    wrote last edited by
    #1

    https://www.docker.com/blog/docker-hardened-images-for-every-developer/

    Will the Cloudron apps move over to these (if they haven't already?)

    1 Reply Last reply
    1
    • girishG Offline
      girishG Offline
      girish
      Staff
      wrote last edited by
      #2

      Have to see. There is a risk of using container images maintained by others. What if it suddenly becomes non-free etc. After all, docker has a history of changing pricing (including docker hub).

      I would atleast like to move our base image but afaict they offer no hardened ubuntu image.

      1 Reply Last reply
      0
      • timconsidineT Offline
        timconsidineT Offline
        timconsidine
        App Dev
        wrote last edited by
        #3

        Yep, sounds like a power-grab move by the company Docker.
        Sounds like the direct opposite of opensource free(dom) technology.
        Happy to trust the Cloudron base image without it being hardened.

        The next step will be you have to pay for a licence for a hardened image.

        1 Reply Last reply
        1
        • robiR Offline
          robiR Offline
          robi
          wrote last edited by
          #4

          How about we simply get a list of hardened items and apply the ones that make sense for Cloudron?

          Conscious tech

          1 Reply Last reply
          1
          • nebulonN Away
            nebulonN Away
            nebulon
            Staff
            wrote last edited by
            #5

            We also have to see what this "hardened" in the end really means. Already we have a base image from a well known Ubuntu state and unlike with many upstream docker images we are not blindly updating those base layers during a rebuild, which could potentially pull in malicious broken packages.

            If at all, I would be lots more worried about the actual apps, which pull in GBs of modules from like npm (looking at those nextjs apps...)

            1 Reply Last reply
            2
            Reply
            • Reply as topic
            Log in to reply
            • Oldest to Newest
            • Newest to Oldest
            • Most Votes

            • Login
            • Don't have an account? Register
            • Login or register to search.
            • First post
              Last post
            0
            • Categories
            • Recent
            • Tags
            • Popular
            • Bookmarks
            • Search