Comment on Docker Hub's trust signals are a lie — and Huntarr is just the latest proof
porkloin@lemmy.world 3 days ago
I know it’s not the issue here really but
the container runs as root
That’s why we need to push for more self hosted containers to support running rootless. There’s no reason for it other than laziness IMHO.
It’s wild to me how many people will jump through a bunch of other random security hoops but not blink an eye about running containers as root
jonathan@piefed.social 3 days ago
Laziness is a lazy diagnosis, complexity and ignorance are the more common causes.
porkloin@lemmy.world 2 days ago
Fair! I’m not giving enough credit to the fact that some applications don’t really have another option than to run root for some dependencies