[
https://issues.apache.org/jira/browse/SOLR-16752?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Cuong Bui updated SOLR-16752:
-----------------------------
Description:
Hi,
I have created this issue here as a replacement for the pull request on GitHub:
https://github.com/apache/solr-docker/pull/15.
To summarize, the Dockerfiles should contain the {{--no-install-recommends}}
option wherever there is an {{apt-get install}} command. This should help
improve the security of the container and reduce the risk of potential attacks.
In detail, the {{--no-install-recommends}} option helps remove unnecessary
{{apt}} packages that are not needed for the container's functionality. This
change can not only trim your image size but also reduce the attack surface.
I hope you find this information useful. Please let me know if you have any
concerns.
Thank you.
was:
Hi,
I create this issue here as a replacement for the pull request on GitHub:
https://github.com/apache/solr-docker/pull/15.
For summarization, the Dockerfiles should contain {{--no-install-recommends }}
there is a {{apt-get install}} command. This should help improve the security
of container and reduce the risk of potential attacks.
In detail, {{--no-install-recommends }} option helps remove unnecessary
{{apt}} packages, that were not needed for the container's functionality. Not
only can this change trim your image size but it also can also reduce the
attack surface.
I hope that you find them useful. Please let me know if you have any concerns.
Thank you.
> Reduce attack surface and size for Docker image
> -----------------------------------------------
>
> Key: SOLR-16752
> URL: https://issues.apache.org/jira/browse/SOLR-16752
> Project: Solr
> Issue Type: Improvement
> Security Level: Public(Default Security Level. Issues are Public)
> Components: Docker
> Affects Versions: 8.11
> Reporter: Cuong Bui
> Priority: Major
> Labels: Docker, dockerfile
>
> Hi,
> I have created this issue here as a replacement for the pull request on
> GitHub: https://github.com/apache/solr-docker/pull/15.
> To summarize, the Dockerfiles should contain the {{--no-install-recommends}}
> option wherever there is an {{apt-get install}} command. This should help
> improve the security of the container and reduce the risk of potential
> attacks.
> In detail, the {{--no-install-recommends}} option helps remove unnecessary
> {{apt}} packages that are not needed for the container's functionality. This
> change can not only trim your image size but also reduce the attack surface.
> I hope you find this information useful. Please let me know if you have any
> concerns.
> Thank you.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
---------------------------------------------------------------------
To unsubscribe, e-mail: issues-unsubscr...@solr.apache.org
For additional commands, e-mail: issues-h...@solr.apache.org
