Alpine vs. Distroless: Choosing Your Minimalist Base
Alpine gives you a shell and apk; Distroless gives you nothing but the app. Compare attack surface, image size, and multi-stage build complexity.
Tag: container security
All the articles with the tag "container security".
Distroless: How to Build Slim, Secure Containers
Distroless images contain only your app and its runtime — no shell, no package manager, no attack surface. Here's how to build them.
AppArmor vs SELinux: Mandatory Access Control Without the Existential Dread
AppArmor vs SELinux explained: what mandatory access control actually does, how to write AppArmor profiles with aa-genprof, navigate SELinux labels and audit2allow, and when to use each.
Running Docker Containers as Non-Root (And Why You Should)
Running as root in containers is a security foot-gun. Learn the USER instruction and numeric UID/GID pattern.