| On 10.06.2014 23:48, d...@geer.org wrote: | > | > Of possible interest. | > | | Hi, | | I fail to see where docker fits within langsec? | | Could you please explain this a bit?
I just thought it was interesting to have yet another "write once, run anywhere" utopia showing up when as far as I can tell such utopias are guaranteed to exhibit the very problems that the LANGSEC mindset so aptly warns about. Quoting Docker's come-on, Docker is an open platform for developers and sysadmins to build, ship, and run distributed applications. Consisting of Docker Engine, a portable, lightweight runtime and packaging tool, and Docker Hub, a cloud service for sharing applications and automating workflows, Docker enables apps to be quickly assembled from components and eliminates the friction between development, QA, and production environments. As a result, IT can ship faster and run the same app, unchanged, on laptops, data center VMs, and any cloud. Doesn't that have to produce impedance mismatches between components that have been assembled with this new kind of glue (Component A expects sanitized input but it is getting something else from Component B)? In any case, the idea that the operating system has been abstracted away to the point of irrelevance just rubs me the wrong way -- me and David Wheeler: All problems in computer science can be solved by another level of indirection... Except for the problem of too many layers of indirection. In the meantime, the group of Clark, Smith, Blaze, and others at Penn have convinced me that application code reuse is a net negative for cyber security; that's a little orthogonal, but not entirely. YMMV, --dan _______________________________________________ langsec-discuss mailing list langsec-discuss@mail.langsec.org https://mail.langsec.org/cgi-bin/mailman/listinfo/langsec-discuss
