ʻO 19.4% o nā pahu 1000 Docker kiʻekiʻe i loaʻa kahi ʻōlelo huna huna

Ua hoʻoholo ʻo Jerry Gamblin e ʻike i ka laha o ka mea hou i ʻike ʻia ka pilikia i nā kiʻi Docker o ka māhele Alpine, pili me ka wehewehe ʻana i kahi ʻōlelo huna no ka mea hoʻohana kumu. Ka nānā ʻana o nā kaukani o nā ipu kaulana loa mai ka palapala Docker Hub hōʻike, he aha i loko 194 o kēia mau mea (19.4%) ua hoʻonohonoho ʻia kahi ʻōlelo huna no ke aʻa me ka laka ʻole i ka moʻokāki (“root:::0:::::” ma kahi o “root:!::0:::::”).

Inā hoʻohana ka pahu i ka ʻōuli a me nā pūʻolo linux-pam, e hoʻohana i ka ʻōlelo huna kumu ʻole Ua apono e hoʻonui i kāu mau pono i loko o ka pahu inā loaʻa iā ʻoe ke komo pono ʻole i ka pahu a i ʻole ma hope o ka hoʻohana ʻana i kahi nāwaliwali i kahi lawelawe pono ʻole e holo ana i loko o ka ipu. Hiki iā ʻoe ke hoʻohui i ka ipu me nā kuleana kumu inā loaʻa iā ʻoe ke komo i ka ʻōnaehana, ʻo ia. hiki ke hoʻohui ma o ka pahu i ka TTY i kuhikuhi ʻia ma ka papa inoa /etc/securetty. Hoʻopaʻa ʻia ke komo ʻana me ka ʻōlelo huna ma o SSH.

Ua kaulana loa ma waena o nā ipu me ka ʻōlelo huna kumu mau microsoft/azure-cli, kylemanna/openvpn, governmentpaas/s3-kumu, phpmyadmin/phpmyadmin, mesosphere/aws-cli и hashicorp/terraform, nona ka 10 miliona mau hoʻoiho. Hōʻike ʻia nā pahu pahu
govuk/gemstash-alpine (500 tausani), monsantoco/logstash (5 miliona),
avhost/docker-matrix-riot (1 miliona),
azuresdk/azure-cli-python (5 miliona)
и ciscocloud/haproxy-consul (1 miliona). Kokoke o kēia mau ipu i hoʻokumu ʻia ma Alpine a ʻaʻole hoʻohana i ke aka a me nā pūʻolo linux-pam. ʻO ka ʻokoʻa wale nō ka microsoft/azure-cli e pili ana iā Debian.

Source: opennet.ru