[ale] Containers... use?

Jeff Hubbs jhubbslist at att.net
Mon Sep 18 12:49:18 EDT 2017 

Can someone help characterize for me how Anaconda fits into this whole 
container business?

On 9/18/17 11:52 AM, Jim Kinney wrote:
> I'm very close to the point of isolating my docker junkies in every 
> possible way and letting their stuff get broken into. That will be the 
> only way to get the political leverage to be able tell a PhD faculty 
> "NO. It ALL runs through me and upstream university security. No 
> exception."
>
> On September 18, 2017 9:34:37 AM EDT, Solomon Peachy 
> <pizza at shaftnet.org> wrote:
>
>     On Mon, Sep 18, 2017 at 09:18:46AM -0400, Jerald Sheets wrote:
>
>         All containers should be curated by Systems. The Developers
>         should submit them for security scanning, or you should employ
>         a DevSecOps model for deployment. i.e., federate security
>         scanning by providing OS, App, transport, penetration, and
>         network security testing as APIs that devs can leverage
>         instead of leaving them to security. Left to their own
>         devices, unreasonable deploy timelines set for them, and
>         golf-playing pointy-hairs with unreasonable ship date
>         requirements, it’ll never happen. 
>
>
>         This should all be automated and part of a security CI/CD
>         pipeline without which a “pass” from the security field,
>         cannot ever be deployed into production. This is how we do it. 
>
>
>     The unspoken assumption here is that your needs are sufficient to make
>     this (completely necessary!) administrative overhead worthwhile.
>
>     Unfortunately, much like VMs before, most shops just "download an image"
>     from the likes of DockerHub and then deploy it, with no real thought
>     towards ongoing maintainence or security concerns.  Because those cost
>     time/effort -- and therefore and money.
>
>       - Solomon </grumble>
>
>
> -- 
> Sent from my Android device with K-9 Mail. All tyopes are thumb 
> related and reflect authenticity.
>
>
> _______________________________________________
> Ale mailing list
> Ale at ale.org
> http://mail.ale.org/mailman/listinfo/ale
> See JOBS, ANNOUNCE and SCHOOLS lists at
> http://mail.ale.org/mailman/listinfo


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20170918/41543c0e/attachment.html>

More information about the Ale mailing list