You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@solr.apache.org by "Cuong Bui (Jira)" <ji...@apache.org> on 2023/04/18 10:25:00 UTC

[jira] [Updated] (SOLR-16752) Reduce attack surface and size for Docker image

     [ https://issues.apache.org/jira/browse/SOLR-16752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Cuong Bui updated SOLR-16752:
-----------------------------
    Description: 
Hi,

I have created this issue here as a replacement for the pull request on GitHub: https://github.com/apache/solr-docker/pull/15.

To summarize, the Dockerfiles should contain the {{--no-install-recommends}} option wherever there is an {{apt-get install}} command. This should help improve the security of the container and reduce the risk of potential attacks.

In detail, the {{--no-install-recommends}} option helps remove unnecessary {{apt}} packages that are not needed for the container's functionality. This change can not only trim your image size but also reduce the attack surface.

I hope you find this information useful. Please let me know if you have any concerns.

Thank you.

  was:
Hi,

I create this issue here as a replacement for the pull request on GitHub: https://github.com/apache/solr-docker/pull/15.

For summarization, the Dockerfiles should contain {{--no-install-recommends }} there is a {{apt-get install}} command. This should help improve the security of container and reduce the risk of potential attacks. 

In detail,  {{--no-install-recommends }} option helps remove unnecessary {{apt}} packages, that were not needed for the container's functionality. Not only can this change trim your image size but it also can also reduce the attack surface.

I hope that you find them useful. Please let me know if you have any concerns.

Thank you.


> Reduce attack surface and size for Docker image
> -----------------------------------------------
>
>                 Key: SOLR-16752
>                 URL: https://issues.apache.org/jira/browse/SOLR-16752
>             Project: Solr
>          Issue Type: Improvement
>      Security Level: Public(Default Security Level. Issues are Public) 
>          Components: Docker
>    Affects Versions: 8.11
>            Reporter: Cuong Bui
>            Priority: Major
>              Labels: Docker, dockerfile
>
> Hi,
> I have created this issue here as a replacement for the pull request on GitHub: https://github.com/apache/solr-docker/pull/15.
> To summarize, the Dockerfiles should contain the {{--no-install-recommends}} option wherever there is an {{apt-get install}} command. This should help improve the security of the container and reduce the risk of potential attacks.
> In detail, the {{--no-install-recommends}} option helps remove unnecessary {{apt}} packages that are not needed for the container's functionality. This change can not only trim your image size but also reduce the attack surface.
> I hope you find this information useful. Please let me know if you have any concerns.
> Thank you.



--
This message was sent by Atlassian Jira
(v8.20.10#820010)

---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscribe@solr.apache.org
For additional commands, e-mail: issues-help@solr.apache.org