There is a security trend called reproducible builds, which aims for having a way to create bit-exact copies of output binaries so that the user can verify whether the version found on the internet is trustworthy. Is there a similar movement and tooling across Docker community? The way I understand it, even with version pinning in containerized Linux distributions, timestamps would make this problematic. Is there a way to solve this problem and create a readable Dockerfile that doesn't build from scratch that would describe dependencies deterministically and in a future-proof way?
Truly reproducible Docker containers?
328 Views Asked by d33tah At
0
There are 0 best solutions below
Related Questions in DOCKER
- sqlplus myusername/mypassword@ORCL not working with Oracle on Docker
- Golang == Error: OCI runtime create failed: unable to start container process: exec: "./bin": stat ./bin: no such file or directory: unknown
- Only the first SQL script gets executed inside Docker Postgres container
- Retrieve the Dockerfile configuration from the Kubernetes and also change container Java parameter?
- Polars with Rust: Out of Memory Error when Processing Large Dataset in Docker Using Streaming
- Compiling eBPF program in Docker fails due to missing '__u64' type
- AttributeError: module 'numba' has no attribute 'generated_jit'
- Phoenix in a docker dev environment - generated code can't be saved from VSCode
- Docker on Multipass VMs: Connecting worker nodes to swarm results in rcp error
- Facing error in creating image of my react+vite project . Dockerfile error
- NextJS Docker build fails: fetch failed ECONNREFUSED
- Docker container unable to make HTTPS requests to external API
- Failed to connect to your instance after deploying mern app on aws ec2 instance when i try to access frontend
- Connecting to Postgres running in a Docker container using psql
- Can't connect to local postgresql server from my docker container
Related Questions in SECURITY
- HTTPS configuration in Spring Boot, server returning timeout
- HSM ZKA control mask values
- OWASP Amass Subcommands
- Is there a need for BPF Linux namespace?
- Error when trying to execute a binary compiled in a Kali Linux machine on an Ubuntu system
- When sanitize/encode while implementing tags system like on SO
- spring security version in spring-boot-starter-security
- I am currently trying to implement a rudimentary firewall from a video I watched but the nimda worm detection is not working and i do not know why?
- Is it possible for `sudo` to fail temporarily with the correct password? Hacking suspected
- Is it viable proxying all my mobile apps requests, to some kind knowing that a request is coming from a secure source
- What abilities should I concentrate on while bug hunting, and how can I improve the quality of my bug bounty reports?
- System.ArgumentOutOfRangeException: I passed this error in every single program
- How to prevent users from creating custom client apps?
- Does server-side content security policy exist for youtube video player API, app, mod apks and website?
- Can we pass a hostname/IP address as a query string in a GET request in REST API
Related Questions in NON-DETERMINISTIC
- Non-Deterministic behavior in PDF library when accessing Django model in between
- Order of callbacks: setTimeout and ResizeObserver
- Haskell. Not seeing laziness despite using list-t's ListT (State s)
- Redundancy in comparison sort / tournament systems
- yocto programmatically asigned SRCREV trigger metadata not deterministic
- Convert Nondeterministic Finite Automata to Regular Expression
- Can I get an ORDER BY with several columns but still deterministic?
- How do I invoke firebase cloud functions within the client using HTTP if the functions URLS will change depending on environment?
- Is there a way to save execution of ruby code to debug it using step by step replay later?
- How to provide non-determinist value (id, dates, random...) to Domain Entity or Aggregate Root given that its been injected as dependencies
- Are there PRECISE RULES to know when MySQL will apply gap blocking?
- Temporarily storing tables with variable amounts of columns
- Using printf with MPI leads to non-deterministic output
- Confusion on the Syntax of a Python Module named automata.pda.npda within automata -lib
- Is UUID's hashValue non-deterministic?
Related Questions in BINARY-REPRODUCIBILITY
- How to compare google-generated apks with appbundle
- Potential downsides of /BREPRO MSVC linker option?
- Workflow for building python wheels in a multistage dockerfile with pipenv
- Generate reproducible checksum for jar files
- Seed in tensorflow initializer (tf.keras.initializers) doesn't guarantees reproducible results
- Yocto: how to disable BUILD_REPRODUCIBLE_BINARIES for single file in root filesystem, so that this file's mtime can be set arbitrarily
- Writing genrule with randomness in Bazel
- Reproducibility: Failing to rerun code over time
- Reproducible issues with Python statsmodel and Docker
- Reproducible build and binary signing
- linter to warn about non-deterministic behaviour
- Latex \today macro expanding to December 31st, 1979
- keras.Model.save changes binary every time model saved
- Using -ffile-prefix-map breaks debugging
- Is it possible to check if the source code matches the App version?
Trending Questions
- UIImageView Frame Doesn't Reflect Constraints
- Is it possible to use adb commands to click on a view by finding its ID?
- How to create a new web character symbol recognizable by html/javascript?
- Why isn't my CSS3 animation smooth in Google Chrome (but very smooth on other browsers)?
- Heap Gives Page Fault
- Connect ffmpeg to Visual Studio 2008
- Both Object- and ValueAnimator jumps when Duration is set above API LvL 24
- How to avoid default initialization of objects in std::vector?
- second argument of the command line arguments in a format other than char** argv or char* argv[]
- How to improve efficiency of algorithm which generates next lexicographic permutation?
- Navigating to the another actvity app getting crash in android
- How to read the particular message format in android and store in sqlite database?
- Resetting inventory status after order is cancelled
- Efficiently compute powers of X in SSE/AVX
- Insert into an external database using ajax and php : POST 500 (Internal Server Error)
Popular # Hahtags
Popular Questions
- How do I undo the most recent local commits in Git?
- How can I remove a specific item from an array in JavaScript?
- How do I delete a Git branch locally and remotely?
- Find all files containing a specific text (string) on Linux?
- How do I revert a Git repository to a previous commit?
- How do I create an HTML button that acts like a link?
- How do I check out a remote Git branch?
- How do I force "git pull" to overwrite local files?
- How do I list all files of a directory?
- How to check whether a string contains a substring in JavaScript?
- How do I redirect to another webpage?
- How can I iterate over rows in a Pandas DataFrame?
- How do I convert a String to an int in Java?
- Does Python have a string 'contains' substring method?
- How do I check if a string contains a specific word?