Every docker image specified in a k8s yml or docker-compose file or GitHub Action that doesn’t end in :sha256@<hash> (i.e. specifying a label) is one “docker push” away from a compromise, given that tags/labels are not cryptographically specified. You’re just trusting DockerHub and the publisher (or anyone with their creds) to not rug you.
The industry runs on a lot more unexamined trust than people think.
They’re deployed automatically by machine, which definitionally can’t even give it a second thought. The upstream trust is literally specified in code, to be reused constantly automatically. You could get owned in your sleep without doing anything just because a publisher got phished one day.
I have to trust the publisher, otherwise I can't update and I have to update because CVEs exist. If we step back, how do I even know that the image blessed with a hardcoded hash (double-checked with the website of whoever is supposed to publish it) isn't backdoored now?
Pinning a GitHub Actions action doesn't prevent the action itself from doing an apt install, npm install or running a Docker image that is not pinned.
That's one reason I barely use any dependencies. I'm forced to use a couple, but I tend to "roll my own," quite a bit.
Well, I should qualify that. I do use quite a few dependencies, but they are ones that I wrote.
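
As an added example (not code from any commenter in this thread), here is one way to audit the files the thread mentions for mutable references: it flags `image:` values that lack Docker's `name@sha256:<digest>` form and GitHub Actions `uses:` refs that are not a full 40-character commit SHA. The function names and the sample manifest are constructed for illustration, and the scan is a line-based heuristic rather than a full YAML parse.

```python
import re

# Immutable image reference: name[:tag]@sha256:<64 hex chars>
DIGEST_RE = re.compile(r"@sha256:[0-9a-f]{64}$")
# Immutable GitHub Actions reference: owner/repo[/path]@<40 hex commit SHA>
COMMIT_RE = re.compile(r"@[0-9a-f]{40}$")
# `image:` covers k8s, docker-compose and Actions containers; `uses:` covers Actions steps
KEY_RE = re.compile(r"^\s*(?:-\s*)?(image|uses)\s*:\s*['\"]?([^'\"\s#]+)")

def classify(key, ref):
    """Return None if the reference is immutable, else the reason it is not."""
    if key == "uses" and ref.startswith("./"):
        return None  # local action, versioned together with the repository
    if key == "uses" and not ref.startswith("docker://"):
        return None if COMMIT_RE.search(ref) else "action ref is a mutable tag/branch"
    image = ref[len("docker://"):] if ref.startswith("docker://") else ref
    if DIGEST_RE.search(image):
        return None
    # Only a ':' after the last '/' is a tag; an earlier one is a registry port
    last = image.rsplit("/", 1)[-1]
    return "image pinned by tag only" if ":" in last else "image has no tag (implicit latest)"

def find_unpinned(text):
    """Return (line_number, reference, reason) for every mutable reference."""
    findings = []
    for n, line in enumerate(text.splitlines(), 1):
        m = KEY_RE.match(line)
        if m:
            reason = classify(m.group(1), m.group(2))
            if reason:
                findings.append((n, m.group(2), reason))
    return findings

# Constructed sample mixing k8s/compose `image:` lines and Actions `uses:` lines
SAMPLE = """\
        image: nginx:1.25
        image: registry.example.com:5000/app/api
        image: redis@sha256:{d}
      - uses: actions/checkout@v4
      - uses: actions/checkout@{c}
      - uses: docker://alpine:3.19
      - uses: ./.github/actions/local
""".format(d="a" * 64, c="b" * 40)

if __name__ == "__main__":
    for n, ref, reason in find_unpinned(SAMPLE):
        print(f"line {n}: {ref}: {reason}")
```

A clean result only covers references written in the file itself: as noted above, a pinned action can still run an unpinned install or image, and a digest fixes the content without saying anything about whether that content is trustworthy.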