Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Remove gosu in favour of alpines iputils-ping #77

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

Remove gosu in favour of alpines iputils-ping #77

wants to merge 1 commit into from

Conversation

CRCinAU
Copy link

@CRCinAU CRCinAU commented Aug 25, 2024

Not only is the iputils-ping package smaller, it correctly works within a docker container.

The side effect of removing gosu is that docker containers built without it show ~52 fewer security vulnerabilities without the gosu binary installed.

While the author of gosu says this isn't a problem anyway, its just a bad practice. As such, we end up with a smaller window for issues, and a smaller container size as a bonus.

@CRCinAU
Remove gosu in favour of alpines iputils-ping
c943492 
Not only is the iputils-ping package smaller, it correctly works
within a docker container.

The side effect of removing gosu is that docker containers built
without it show ~52 fewer security vulnerabilities without the
gosu binary installed.

While the author of gosu says this isn't a problem anyway, its
just a bad practice. As such, we end up with a smaller window
for issues, and a smaller container size as a bonus.
@manios
Copy link
Owner

manios commented Aug 30, 2024

Ηι @CRCinAU !

Thank you for your contribution! At the moment I cannot merge it because the package is not available in Alpine 3.12 as you can see here. As soon as #45 is unblocked we will test and merge it .

Thanks!

@CRCinAU
Copy link
Author

CRCinAU commented Aug 30, 2024

Ah - I totally missed this as I only run on x86_64 - so I bumped all the way to alpine:edge because I use perl-string-random that doesn't seem to appear in anything else. In reality, I probably should just fix that perl code I use for checking a SIP service to generate a random string without using String::Random.

I'm not sure I have an arm system I can test things beyond alpine:3.12 to confirm your findings, but I'll see what I can do...

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@CRCinAU @manios