Differences

This shows you the differences between two versions of the page.

--- docker:security:prefer_minimal_base_images [2020/04/18 19:23] – created peter
+++ docker:security:prefer_minimal_base_images [2020/07/15 09:30] (current) – external edit 127.0.0.1
@@ Line 3: / Line 3: @@
 Many top docker images include lots of vulnerabilities in their system libraries.
-  - Choose images with fewer OS libraries and tools lower the risk and attack surface of the container.
+  * Choose images with fewer OS libraries and tools lower the risk and attack surface of the container.
-  - Prefer alpine-based images over full-blown system OS images.
+  * Prefer alpine-based images over full-blown system OS images.
+----
+Often times, you might start projects with a generic Docker container image such as writing a **Dockerfile** with a **FROM** node, as your “default”.
+However, when specifying the node image, you should take into consideration that the fully installed Debian Stretch distribution is the underlying image that is used to build it.
+If your project doesn’t require any general system libraries or system utilities then it is better to avoid using a full blown operating system (OS) as a base image.