X-Original-To: alpine-user@lists.alpinelinux.org Received: from mail-wm0-f46.google.com (mail-wm0-f46.google.com [74.125.82.46]) by lists.alpinelinux.org (Postfix) with ESMTP id 2CBD75C4DD9 for ; Thu, 4 Jan 2018 23:51:14 +0000 (GMT) Received: by mail-wm0-f46.google.com with SMTP id i11so6182346wmf.4 for ; Thu, 04 Jan 2018 15:51:14 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=extremeshok-com.20150623.gappssmtp.com; s=20150623; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=Q9G3Qd16Xwm4oJ9QWJ/rxkyG0OLx5WjVeP9x/bzXtOo=; b=ash9d6TXMx9Js9rlpR+3wM5nMJ9GyrzDqyy3NRYqB8o6Kxp0y2X7wJhwAlzDKM5v/W 53K0+G1v99S5nbtz6lHqGHRQblEp79ZcTykqbd8GZiJZ6wt5VYI186U9TBPUJfUdRexC WpsitNjHJRGdt4QmBNFDh1WljG4h2F15FEy9n8MiMzwwAb5fgzneAA0c12Nc5ACL9JpJ Q5o/z4h3gr80LvYPVST9CbWnQyUO2DZS+1gSYjR4aWdfqQZtEQQJom7mCf8DLBI4ToEa hHb0doPPmMhhUcKiCx6fxHKz/NcNb0dJdJqY/2zdDa6OWnEgUjj43xPDmd2L25/dfOOR DLYQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=Q9G3Qd16Xwm4oJ9QWJ/rxkyG0OLx5WjVeP9x/bzXtOo=; b=t8OYyukwKoxA8PUnN0D+Fq9cfktQp7S/kJCWAS7yQaRUPvHtBewpCLgNMA5VhBKFLS 30YK6gtybhRipqK5FGlRtvX81YWU4zNWKwhmu7ngwBBwPPrk7rcAOCoiXPKNM1brj45x dUyVhMz9XogUvD0AadUwlPvuo4USsHjfIJ2FRCX9lJdP8KZQrIbFlDDseXqitOGburPl F2iy+w7K9niwHHv2NBW25JaO/TZN+eDOWD8xeFnxec8/Or6OpHPkasVoO6n6fx4IuMa7 GiaDlJbmQFlp7C7HqiHwMAh6eL0Imw7jDFDlmLAHK3/QbUwrdGF9zlkRmEkE8WUGyIUi BSEQ== X-Gm-Message-State: AKGB3mIWUpReJpzZrx3B8rCbd/gTy02Q+d1x4Vp+azNKU/Ei6HTkYvML 8PPCdlQjPAT8oh5nJjTWG+VlXWp+WHo= X-Google-Smtp-Source: ACJfBotPCzqJImVKmZZz4tDmvRmhTORCYL/j3rxhmI91lf67mRSpz8frzfMIpGNquk3xRQ/Gxj3HfQ== X-Received: by 10.28.32.206 with SMTP id g197mr930645wmg.160.1515109873495; Thu, 04 Jan 2018 15:51:13 -0800 (PST) Received: from [10.0.0.3] (8ta-151-74-127.telkomadsl.co.za. [41.151.74.127]) by smtp.gmail.com with ESMTPSA id 52sm5474501wrz.80.2018.01.04.15.51.12 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 04 Jan 2018 15:51:12 -0800 (PST) Content-Type: multipart/alternative; boundary=Apple-Mail-83D9FB4A-6A80-4AC9-937A-4746DEF4CB94 X-Mailinglist: alpine-user Precedence: list List-Id: Alpine Development List-Unsubscribe: List-Post: List-Help: List-Subscribe: Mime-Version: 1.0 (1.0) Subject: Re: [alpine-user] MELTDOWN + SPECTRE From: "admin@extremeshok.com" X-Mailer: iPhone Mail (15C153) In-Reply-To: Date: Fri, 5 Jan 2018 01:51:09 +0200 Cc: Jakub Jirutka , "alpine-user@lists.alpinelinux.org" Content-Transfer-Encoding: 7bit Message-Id: References: To: "Piskule, Robert" --Apple-Mail-83D9FB4A-6A80-4AC9-937A-4746DEF4CB94 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable The patch against Meltdown is kernel only. Docker containers run within the k= ernel of the host system. This means the resistance against Meltdown depends= on the host kernel only. In other words: you don't need patches against Mel= tdown in the docker image and you cannot patch against Meltdown in the docke= r image. _________________ eXtremeSHOK.com _________________ > On 05 Jan 2018, at 01:50, Piskule, Robert wr= ote: >=20 > Jakub, thanks for getting back to me. > =20 > Yes, that is correct. Do you personally work for Alpine? Is this an offici= al answer from Alpine? > =20 > Thanks, > -Rob > =20 > From: Jakub Jirutka [mailto:jakub@jirutka.cz]=20 > Sent: Thursday, January 4, 2018 6:25 PM > To: Piskule, Robert > Cc: alpine-user@lists.alpinelinux.org > Subject: Re: [alpine-user] MELTDOWN + SPECTRE > =20 > Hi, > =20 > did I understand correctly that you run Alpine only inside a Docker contai= ner, not a host system? If so, then there=E2=80=99s nothing Alpine can do ag= ainst Meltdown or Spectre. The host system (its kernel) must be patched. > =20 > Jakub > =20 > On 4. Jan 2018, at 22:47, Piskule, Robert wr= ote: > =20 > I wanted to know if Alpine Linux is vulnerable to the recent Meltdown or S= pectre attacks. Are there any patches? If running from within Docker, is the= re anything I need to do? > =20 > Thanks, > -Rob > =20 --Apple-Mail-83D9FB4A-6A80-4AC9-937A-4746DEF4CB94 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable
The patch against Meltdown is kernel only. Docker contain= ers run within the kernel of the host system. This means the resistance agai= nst Meltdown depends on the host kernel only. In other words: you don't need= patches against Meltdown in the docker image and you cannot patch against M= eltdown in the docker image.

<= span style=3D"background-color: rgba(255, 255, 255, 0);">_________________ <= a href=3D"http://eXtremeSHOK.com">eXtremeSHOK.com _________________=

On 05 Jan 2018, at 01:50, Piskule, Robert <Robert.Piskule@jenzabar.com> wro= te:

=

Jakub, thanks for getting back to me.

 

Yes, that is correct. Do you personally= work for Alpine? Is this an official answer from Alpine?<= /p>

 

Thanks,

-Rob

 

From: Jakub Jirutka [mailto:jakub@jirutka.cz]
Sent: Thursday, January 4, 2018 6:25 PM
To: Piskule, Robert <Robert.Piskule@jenzabar.com>
Cc: alpine-user@= lists.alpinelinux.org
Subject: Re: [alpine-user] MELTDOWN + SPECTRE

 

Hi,

 

did I understand correctly that you run Alpine only i= nside a Docker container, not a host system? If so, then there=E2=80=99s not= hing Alpine can do against Meltdown or Spectre. The host system (its kernel)= must be patched.

 

Jakub

 

On 4. Jan 2018, at 22:47, Piskule, Robert <Robert.Piskule@jenzabar.com> w= rote:

 

I wanted to know if Alpine Linux is vulnerable to the= recent Meltdown or Spectre attacks. Are there any patches? If running from w= ithin Docker, is there anything I need to do?

 

Thanks,

-Rob

 

= --Apple-Mail-83D9FB4A-6A80-4AC9-937A-4746DEF4CB94-- --- Unsubscribe: alpine-user+unsubscribe@lists.alpinelinux.org Help: alpine-user+help@lists.alpinelinux.org ---