
Commit 298e4c3

Description for maximum lifetime for images
1 parent ed3ce02 commit 298e4c3


1 file changed

+18
-0
lines changed


src/assets/YAML/default/BuildAndDeployment/PatchManagement.yaml

@@ -121,6 +121,15 @@ Build and Deployment:
121121
evidence: ""
122122
comments: ""
123123
Usage of a maximum lifetime for images:
124+
description: |-
125+
The maximum lifetime for a Docker container refers to the duration a container
126+
should be allowed to run before it is considered outdated, stale, or insecure.
127+
There is not a fixed, universally applicable maximum lifetime for a Docker
128+
container, as it varies depending on the specific use case, application
129+
requirements, and security needs. As a best practice, it is essential to define
130+
a reasonable maximum lifetime for containers to ensure that you consistently
131+
deploy the most recent, patched, and secure versions of both your custom base
132+
images and third-party images.
124133
risk: Vulnerabilities in images of running containers stay for too long and
125134
might get exploited. Long running containers have potential memory leaks.
126135
A compromised container might get killed by restarting the container (e.g.
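Review bot: The added description (new lines 124-132) defines "the maximum lifetime for a Docker container", but the activity it documents is named "Usage of a maximum lifetime for images" and the existing risk text speaks of "images of running containers". The description should state how the two relate, for example that a running container is replaced once the image it was started from exceeds the defined age, so a reader can tell whether the limit is measured on image age or on container uptime. The closing sentence about deploying "the most recent, patched, and secure versions" of images would then follow from the definition instead of changing subject. Consider dropping "Docker" as well unless the activity is meant to apply only to Docker.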
@@ -147,6 +156,15 @@ Build and Deployment:
147156
evidence: ""
148157
comments: ""
149158
Usage of a short maximum lifetime for images:
159+
description: |-
160+
The maximum lifetime for a Docker container refers to the duration a container
161+
should be allowed to run before it is considered outdated, stale, or insecure.
162+
There is not a fixed, universally applicable maximum lifetime for a Docker
163+
container, as it varies depending on the specific use case, application
164+
requirements, and security needs. As a best practice, it is essential to define
165+
a reasonable maximum lifetime for containers to ensure that you consistently
166+
deploy the most recent, patched, and secure versions of both your custom base
167+
images and third-party images.
150168
risk: Vulnerabilities in running containers stay for too long and might get
151169
exploited.
152170
measure: |
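Review bot: The description added at new lines 159-167 for "Usage of a short maximum lifetime for images" is word for word the same as the one added at 124-132 for "Usage of a maximum lifetime for images", so it never says what "short" adds over the earlier activity. The phrase "define a reasonable maximum lifetime" fits the first activity; here the text should explain what distinguishes this one, such as a tighter limit than the first activity requires, in line with the risk entry that follows. The container versus image wording mismatch from the first hunk applies here too.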
