Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Enforce container signature verification #10

Open
aaannz opened this issue Dec 8, 2022 · 0 comments
Open

Enforce container signature verification #10

aaannz opened this issue Dec 8, 2022 · 0 comments
Labels
research Topics with unclear solution and even usability which needs to be clarified.

Comments

@aaannz
Copy link
Member

aaannz commented Dec 8, 2022

Currently iguana is not secure at all, download containers from whatever source and starts them. We need to add verification of containers they are from trusted source.

  • research cosign
  • how to trust only SUSE
  • how to trust user specified source
@aaannz aaannz added the research Topics with unclear solution and even usability which needs to be clarified. label Dec 8, 2022
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
research Topics with unclear solution and even usability which needs to be clarified.
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@aaannz