top | item 35154672

(no title)

alexktz | 3 years ago

Docker as the default librarian of images due to the root namespace hijack in docker clients has a duty of care to maintain trust. A policy of preventing namespace reuse for 1 year before recycling should give time to prevent poisoned images squatting on popular handles.

discuss

verdverm|3 years ago

It has to be a never type of deal, people use images way older than a year, especially the ones most likely to be hit by poisoning