Dmitrii Kuvaiskii
Dmitrii Kuvaiskii
How does your native image even work? If I use it, I don't have `python3` at all: ``` $ docker run --rm -it --entrypoint /bin/bash ubuntu18.04-test-image root@1a7f289fb468:/# python3 bash: python3:...
Some thoughts on this list, coming from January 2021 (after GSC rework): ## GSC uses insecure environment variables This is not even true. GSC doesn't do *anything* about environment variables...
https://github.com/oscarlab/graphene/pull/2195 -- secure environment variables were added to GSC.
> Does GSC support remote attestation? Yes, you can look at this pending PR on how it can be done: https://github.com/gramineproject/gsc/pull/11. At some point, we'll merge this PR as an...
You can check this work in progress, for CentOS/RHEL support: https://github.com/gramineproject/gsc/pull/43
UPDATE: > Detect scripts as entrypoints and correctly change the entrypoint to the script interpreter This was fixed some time ago with https://github.com/gramineproject/gramine/pull/722, and is available in Gramine v1.3.
Please check if discussions in these similar issues help you: - https://github.com/gramineproject/examples/issues/22 - https://github.com/gramineproject/gsc/issues/42
Well, something tries to open the `""` (empty) path, which obviously fails. Looks like you have some bash script in your Postgres workload? Are you sure the bash script is...
I'm not sure what you mean by "interactive manner", but after you created a "graminized" Docker image (the one with the `gsc-` prefix), you can do whatever you want with...
> tried to add `-it --entrypoint /bin/bash` in `docker run`, and then I performed several experiments to measure the additional overhead caused by GSC. So at this point you enter...