Barry Allard
Sep 3, 2018 · 1 min read

The big problems with Docker:

0. Execution of untrustworthy code from random persons

1. Lack of chain-of-custody, end-to-end image verification

these are an obvious recipe for malware, hacking and spying. It was clearly a problem early on, but is has yet (as of 2018) to be adequately addressed.^

The best recommendation for tech professionals: Don’t be lazy. Build all of your own containers locally from a common standard base image and sign them at build time. And that rkt can run insecure Docker images and that it has a better architecture seems like a no-brainer: always try rkt first and use Docker where rkt lacks usability.


^ https://github.com/moby/moby/issues/2700

    Barry Allard

    Written by