You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The examples/Dockerfile file, while an example, I think is risky to have as-is given many folks out there may not realise the security implications of this line:
COPY server.key /etc/mysql/conf.d/server-key.pem
which stores a copy of the private key in the docker image.
At the very least, there should be some kind of warning around this file to say this shouldn't be done in production. Better would be to not do this in the first place and instead provide an example of how to volume mount the keys into the container at runtime.
The text was updated successfully, but these errors were encountered:
The examples/Dockerfile file, while an example, I think is risky to have as-is given many folks out there may not realise the security implications of this line:
which stores a copy of the private key in the docker image.
At the very least, there should be some kind of warning around this file to say this shouldn't be done in production. Better would be to not do this in the first place and instead provide an example of how to volume mount the keys into the container at runtime.
The text was updated successfully, but these errors were encountered: