Security has always been a challenge in any deployment. Infosec folks have historically been at odds with software engineers who just want stuff to work.
It's important for default settings in all applications to become more secure. Docker's default of running applications as root definitely created security concerns. There's already enough literature on how to secure Docker containers, but most of them involve more work. Orchestration frameworks like k8s are still young and will definitely get better with time and more exposure.
For further actions, you may consider blocking this person and/or reporting abuse
We're a place where coders share, stay up-to-date and grow their careers.
Security has always been a challenge in any deployment. Infosec folks have historically been at odds with software engineers who just want stuff to work.
It's important for default settings in all applications to become more secure. Docker's default of running applications as root definitely created security concerns. There's already enough literature on how to secure Docker containers, but most of them involve more work. Orchestration frameworks like k8s are still young and will definitely get better with time and more exposure.