@dalias of course you should have to care. You should know what code you're running on your machines. Even if it's abstracted into a container for easier distribution within your organisation.

@quixoticgeek Well it depends on whether you're using what's in that container as part of a system outside it where the integrity of the outputs matter, or using it as a way to isolate stuff you don't want to have to trust.

@dalias why would you be running untrusted code ?

@quixoticgeek To study it. To play a game. Because a school or employer demands it. To experiment. To learn. To communicate with someone on a proprietary platform. Probably lots of other reasons.

@dalias those don't sound very production oriented. Using a container for R&D on your laptop, or in the dev cluster, is very different from grabbing a container from some online repo and deploying it to dozens of machines in production.