DNS is really hard to do, if you want to prove that an implementation is memory safe. The only way that we found to do it originally was to constrain our DNS responses that we hand back to the application to the original 512 byte limit. But now we have things like Kubernetes with core DNS and DKIM and we have all of these arguably broken DNS servers out there That they'll like return nothing on UDP, even though that's not allowed by the DNS spec. And then if you query them by a TCP, then you get the real answer. So what we're doing now is we are adding TCP support to missile, but we're still going to respect the
Transcript
chevron_right
Play full episode
chevron_right
Transcript
Episode notes
In today’s episode, we talk about distroless, ko, apko, melange, musl and glibc. The context is Wolfi OS, a community Linux OS designed for the container and cloud-native era. If you are looking for the lightest possible container base image with 0 CVEs and both glibc and musl support, Wolfi OS & the related chainguard-images are worth checking out.
Ariadne Conill is an Alpine Linux TSC member & Software Engineer at Chainguard.
Changelog++ members save 5 minutes on this episode because they made the ads disappear. Join today!
Sponsors:
Sentry – Working code means happy customers. That’s exactly why teams choose Sentry. From error tracking to performance monitoring, Sentry helps teams see what actually matters, resolve problems quicker, and learn continuously about their applications - from the frontend to the backend. Use the code CHANGELOG and get the team plan free for three months.
FireHydrant – The reliability platform for every developer. Incidents impact everyone, not just SREs. FireHydrant gives teams the tools to maintain service catalogs, respond to incidents, communicate through status pages, and learn with retrospectives. Small teams up to 10 people can get started for free with all FireHydrant features included. No credit card required to sign up. Learn more at firehydrant.com/
Sourcegraph – Transform your code into a queryable database to create customizable visual dashboards in seconds. Sourcegraph recently launched Code Insights — now you can track what really matters to you and your team in your codebase. See how other teams are using this awesome feature at about.sourcegraph.com/code-insights
