Red Hat Security Blog: December 2014 archives

  • Before you initiate a "docker pull"

    In addition to the general challenges that are inherent to isolating containers, Docker brings with it an entirely new attack surface in the form of its automated fetching and installation mechanism, "docker pull". It may be counter-intuitive, but "docker pull" both fetches and unpacks a container image in one step. There is no verification step and, surprisingly, malformed packages can compromise a system even if the container itself is never run. Many of the CVEs issued against Docker have...
    Posted 2014-12-18T14:30:57+00:00 - 0
  • Container Security: Isolation Heaven or Dependency Hell

    Docker is the public face of Linux containers and two of Linux's unsung heroes: control groups (cgroups) and namespaces. Like virtualization, containers are appealing because they help solve two of the oldest problems to plague developers: "dependency hell" and "environmental hell." Closely related, dependency and environmental hell can best be thought of as the chief cause of "works for me" situations. Dependency hell simply describes the complexity inherent in a modern application's tangled...
    Posted 2014-12-17T14:30:37+00:00 - 0
  • Analysis of the CVE-2013-6435 Flaw in RPM

    The RPM Package Manager (RPM) is a powerful command-line driven package management system capable of installing, uninstalling, verifying, querying, and updating software packages. RPM was originally written in 1997 by Erik Troan and Marc Ewing. Since then RPM has been successfully used in all versions of Red Hat Linux and currently in Red Hat Enterprise Linux. RPM offers considerable advantages over the traditional open-source software install methodology of building from source via tarballs,...
    Posted 2014-12-10T14:30:50+00:00 - 0
  • Disabling SSLv3 on the client and server

    Recently, some Internet search engines announced that they would prefer websites secured with encryption over those that were not. Of course, there are other reasons why securing your website with encryption is beneficial: protecting authentication credentials, mitigating the use of cookies as a means of tracking and allowing access, providing privacy for your users, and authenticating your own server, thus protecting the information you are trying to convey to your users. And while setting up...
    Posted 2014-12-03T14:30:23+00:00 - 0
