toolshed/docker-cli
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Fix security documentation, XSS -> CSRF

Browse Source 
Signed-off-by: Thomas Grainger <tagrain@gmail.com>
Upstream-commit: ea8f9c972393e0929e643190573412410bf39c6a
Component: engine
This commit is contained in:
Thomas Grainger
2016-04-15 11:27:09 +01:00
committed by Thomas Grainger
parent 4e9b36b9f3
commit a713f0b76d
1 changed files with 1 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
components/engine/docs/security/security.md
View File

@ -106,7 +106,7 @@ arbitrary containers.
For this reason, the REST API endpoint (used by the Docker CLI to
communicate with the Docker daemon) changed in Docker 0.5.2, and now
uses a UNIX socket instead of a TCP socket bound on 127.0.0.1 (the
latter being prone to cross-site-scripting attacks if you happen to run
latter being prone to cross-site request forgery attacks if you happen to run
Docker directly on your local machine, outside of a VM). You can then
use traditional UNIX permission checks to limit access to the control
socket.