by subway 3258 days ago
Your best bet is really to build your base image using debootstrap or similar. The 'official' images are often a joke. For the longest time, the maintainer of the 'official' Ubuntu image had no clear association with either Docker Inc or Canonical.

edit: To clarify, the images themselves are quality, and do get generated from Canonical's rootfs tarball, but the trust path for a huge chunk of binary data now hinges on a single individual, rather than a corporate entity.

1 comments

> the trust path for a huge chunk of binary data now hinges on a single individual, rather than a corporate entity.

You make it sound like it was a bad thing. It's not.

It is definitely a bad thing from a risk standpoint, no two ways about it. Simply because that person could get hit by a bus, burn out, etc.
I'd trust Canonical for Ubuntu images over a random internet citizen that decided to provide them.
When it comes to base images, I'd much rather trust Canonical, Docker Inc, Red Hat, etc. than Some Dude.