Dockerfile security best practices ↦
8 common security issues when using Docker and how to avoid them. Here’s a sampler:
Avoid curl bashing
Pulling stuff from internet and piping it into a shell is as bad as it could be. Unfortunately it’s a widespread solution to streamline installations of software.
The risk is the same framed for supply chain attacks and it boils down to trust. If you really have to curl bash, do it right…
Sign in or Join to comment or subscribe