1

Many people are talking up the security benefits of Red Hat Atomic - being a read-only operating system - means substantially fewer vulnerabilities - particularly important in the cloud.

When I provision machine images with Packer - we install some software and then 'bake' an image - that we then use for other hosts.

To me it seems that with Red Hat Atomic -you must install some software than then 'bake' it in read-only mode.

In reading the documentation I can't see how to turn the key to lock it.

My question is: How do you 'bake' a Red Hat Atomic image in read-only mode?

Hawkeye
  • 2,699
  • 9
  • 30
  • 35
  • 1
    Actually a read-only OS doesn't mean fewer vulnerabilities. The vulnerabilities in the software are still there. It just means that vulnerabilities are harder to exploit because it is harder for exploits to write data on the system. – Tero Kilkanen Oct 12 '16 at 12:56
  • 1
    Great - can you help answer the question? – Hawkeye Oct 12 '16 at 20:43
  • Sorry, I have no experience in that. I just pointed out the difference in what you expect and what is the reality. – Tero Kilkanen Oct 12 '16 at 21:18

0 Answers0