> I wouldn't have expected `docker pull` in particular to allow arbitrary content injection.

Having read Docker source code and seen a repetitive pattern of silly mistakes with dire consequences, I emphatically would expect it to have such, and many other similar, issues.
My personal favorite is still the time they computed a hash of a download, but then failed to compare it to anything.