Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
sneak
on Sept 20, 2023
|
parent
|
context
|
favorite
| on:
Toolship: A more secure workstation
Reminder: Docker Hub image tags are not cryptographically secure. They can be replaced by DockerHub or their colo or government at any time.
You need something like org/image@sha256:<hash> instead.
efrecon
on Sept 20, 2023
[–]
You are entirely right. Problem with the sha256 is that you kind of need a comment pointing to the proper tag (at the time of generation). It gets tedious with time.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
You need something like org/image@sha256:<hash> instead.