🥇DockerHub Igqekeziwe

Kwiiyure ezimbalwa ezidlulileyo, abanye abasebenzisi be-DockerHub bathunyelwe ii-imeyile ezinomxholo olandelayo:

“NgoLwesine, nge-25 ka-Epreli 2019, sifumene ukufikelela okungagunyaziswanga kwenye yedatha yeDockerHub, egcina enye yedatha yabasebenzisi engeyiyo eyemali. Emva kokufunyanwa, ngokukhawuleza sithathe onke amanyathelo ayimfuneko ukukhusela idatha yomsebenzisi.

Kwaye ngoku singathanda ukwabelana ngolwazi esiye sakwazi ukulufumana ngexesha lophando, kubandakanywa ukuba zeziphi ii-akhawunti ze-DockerHub ezichatshazelweyo kwaye zeziphi izenzo abanini bazo ekufuneka bazenze ngoku.

Nantsi into esikwazile ukuyifumanisa:

Ngexesha elifutshane lokufikelela okungagunyaziswanga kwiziko ledatha le-DockerHub, idatha eyimfihlo malunga neeakhawunti ze-190 (ngaphantsi kwe-000% yabasebenzisi benkonzo) inokubhengezwa. Idatha ibandakanya amagama omsebenzisi kunye ne-password hashes yepesenti encinci yabasebenzisi abangentla, kunye ne-GitHub kunye ne-BitBucket tokens ezisetyenziselwa ukwakhiwa kwee-automated container.

Yintoni ekufuneka yenziwe ngoku:

-Sicela abasebenzisi ukuba batshintshe iipassword zeDockerHub kunye nazo naziphi na ezinye iiakhawunti usebenzisa igama eliyimfihlo.

- Abasebenzisi abasebenzisa i-automated builds abanokuthi bachatshazelwe yile nto baye bahlaziywa amathokheni kunye nezitshixo zokufikelela. Kwakhona siyabacela ukuba bajonge oovimba babo ukuba kukho nawuphi na umsebenzi orhanelwayo wakutshanje.

-Ukufumana ukuba ungaphanda njani umsebenzi okrokrelayo kwiakhawunti yakho yeGitHub kunye neBitBucket kwiiyure ezingama-24 ezidlulileyo, landela amakhonkco. help.github.com/en/articles/reviewing-your-security-log и bitbucket.org/blog/new-audit-logs-give-you-the-who-what-when-and-where

Oku kunokuchaphazela ulwakhiwo lwakho lwangoku olusuka kwinkonzo yethu yokwakha ngokuzenzekelayo. Kusenokufuneka ukuba ungaqhagamshelani kwaye uphinde uqhagamshele i-akhawunti yakho ye-GitHub kunye ne-BitBucket. Oku kubhalwe ngokweenkcukacha apha. docs.docker.com/docker-hub/builds/link-source

Thina ke, siya kuphucula iinkqubo zethu zokhuseleko kwaye sijonge imigaqo-nkqubo yethu. Sikwamisele iimetrikhi ezongezelelweyo ukulandelela izenzo ezingekho mthethweni ezinokwenzeka kwixesha elizayo.

Sisaphanda ngesi sehlo kwaye siza kukuhlaziya njengoko iinkcukacha ezithe vetshe zifumaneka."

Njengesiqhelo, sijonga ezethu imeyile, iiakhawunti zethu kwiinkonzo ezibonisiweyo, kwaye siphinde senze amagama ayimfihlo. Siza kuyihlaziya le posi njengoko ulwazi olutsha lufumaneka.

Ngabasebenzisi ababhalisiweyo kuphela abanokuthatha inxaxheba kuphando. Ngena, ndiyacela.

Ngaba ukhe wafumana ileta efanayo?

ukuba
akukho
Andinayo iakhawunti yeDockerHub

Bangama-26 abasebenzisi abavotileyo. Abasebenzisi abangama-2 abakhange.

umthombo: www.habr.com

dockerhub igqekeziwe

Ngaba ukhe wafumana ileta efanayo?

Yongeza izimvo Phendula impendulo