docker:security:prefer_minimal_base_images
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| docker:security:prefer_minimal_base_images [2020/04/18 19:23] – peter | docker:security:prefer_minimal_base_images [2020/07/15 09:30] (current) – external edit 127.0.0.1 | ||
|---|---|---|---|
| Line 5: | Line 5: | ||
| * Choose images with fewer OS libraries and tools lower the risk and attack surface of the container. | * Choose images with fewer OS libraries and tools lower the risk and attack surface of the container. | ||
| * Prefer alpine-based images over full-blown system OS images. | * Prefer alpine-based images over full-blown system OS images. | ||
| + | |||
| + | ---- | ||
| + | |||
| + | Often times, you might start projects with a generic Docker container image such as writing a **Dockerfile** with a **FROM** node, as your “default”. | ||
| + | |||
| + | However, when specifying the node image, you should take into consideration that the fully installed Debian Stretch distribution is the underlying image that is used to build it. | ||
| + | |||
| + | If your project doesn’t require any general system libraries or system utilities then it is better to avoid using a full blown operating system (OS) as a base image. | ||
docker/security/prefer_minimal_base_images.1587237828.txt.gz · Last modified: 2020/07/15 09:30 (external edit)