[clamav-users] CLAMAV: Docker Tag 0.104.2 has 9 Medium Vulnerabilities for Busy Box
Marc
Marc at f1-outsourcing.eu
Sun Feb 13 13:02:35 UTC 2022
> My team is new to maintaining images on Docker Hub. We hadn't yet
> identified the best practices for how to publish an image for the same
> ClamAV version with a new base image. After a little investigation, I
> settled on this on this scheme.
>
I can see ;)
This is of course crap.
# Wait forever (or until canceled)
exec tail -f "/dev/null"
The goal of the entrypoint.sh exec is that if it terminates the OC can take proper action, eg restart the task. In your case clamd can crash and no action will be taken, because the OC monitors a useless tail?????
More information about the clamav-users
mailing list