The ability to build and run encrypted containers. We appreciate that some might object to our propensity towards hyperbole, given that seemingly sweeping statement. And that’s precisely what makes this release, frankly, a remarkable one; to quote from the release notes:
The major new feature of this release is the ability to build and run encrypted containers. These containers are encrypted at rest, in transit, and even while running! There is no intermediate decrypted rootfs left around upon termination. Data is decrypted totally in kernel space.
In other words, Singularity containers remain encrypted throughout their entire lifecycle – when they are created, when they are at rest or transferred around, and yes, even when they are in use. Owing to their use of kernel space for data decryption, there is no need to clean up a decrypted rootfs upon termination…
Read more at HPCwire
Pyro: A Comprehensive Pipeline for Eukaryotic Genome Assembly introduces a groundbreaking tool that can significantly advance our understanding of genetics and contribute to vital scientific discoveries. Pyro offers a comprehensive pipeline for assembling eukaryotic...
Ensuring Long-term Trust and Reliability of SIF Images: What You Need to Know As container runtimes technologies become more prevalent, it presents a dilemma for government, public, and private sector organizations. They must consider the long-term implications of...
The Apptainer project has recently published CVE-2023-30549. The associated