ellie

joined 1 year ago
[โ€“] ellie@lemmy.silkky.dev 15 points 1 year ago

The most popular images on Docker Hub are official / library images, they are curated and monitored by Docker for best practices and security vulnerabilities. I'm not saying that means you should trust them completely, it's always best practice to read the source of an image before you use it.

[โ€“] ellie@lemmy.silkky.dev 38 points 1 year ago (7 children)

This isn't really surprising and isn't actually a real security issue with Docker itself or any of the popular public images. Docker Hub is a public registry so people inexperienced with Docker accidentally include secrets in their images and upload it to Docker Hub, this is actually pretty well known and the Docker docs specifically warn people about this.