February 16, 2020

Debian is dead

The amount of subjective judgements about Debian is high. The problem in the past was that no alternative was available and the arguments were not based on academic standards. A user from the Docker community has changed the situation and published a paper in which a newly developed tool was used to scan Docker images for security problems.[1]

Debian-based images in particular were scanned, and many unfixed security problems were found. Nearly 100% of the Debian Docker images that are hosted in the cloud are vulnerable to attacks. The same paper mentions a possible alternative, which is Alpine Linux [2]. Alpine Linux is different from Debian or Fedora and was developed with Docker containers in mind. It is a security-hardened, slimmed-down version of an operating system and runs in the cloud but also on a Raspberry Pi computer.

The study [1] has shown very concretely what the problem with Debian is. According to the Debian manual, a typical web server has a Debian sticker on the front panel and contains a CD-ROM drive; minor updates are left out, and only important updates are installed every 6 months. This kind of description was correct in the early 1990s but fails to describe the current situation. Basically, it makes sense to argue against Debian, and the only thing that is important is to bring the argument to an academic level.

[1] Zerouali, Ahmed, et al. "On the relation between outdated docker containers, severity vulnerabilities, and bugs." 2019 IEEE 26th International Conference on Software Analysis, Evolution and Reengineering (SANER). IEEE, 2019.

[2] https://nickjanetakis.com/blog/the-3-biggest-wins-when-using-alpine-as-a-base-docker-image