Can Docker Image Scan detect malicious code contained in an image (or layer)?

swlee

4/6/24, 12:10 PM

I put malicious code in a Docker image. I wonder if the scanner can detect malicious code.

I used the command which was given by GPT. The result of scanning the image I made myself (Ubuntu based, named t_mal:1.0) and the result of scanning the Ubuntu 20:04 image are the same. (Scan results are the same)trivy Image [imagename] --Vuln-type malware

[스캔 한 결과][1]

But I know this is an inappropriate command.

Is there a technology that can detect malicious code within docker images?

How can I detect malicious code within an image through an image scanner? (The image scanner doesn't have to be Trivy.)

[1]:스캔 한 결과 https://i.stack.imgur.com/xPKhT.jpg

0 + 0

docker

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: Can Docker Image Scan detect malicious code contained in an image (or layer)?

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.