0ct0pu5/moby
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

Fix security documentation, XSS -> CSRF

Browse source 
Signed-off-by: Thomas Grainger <tagrain@gmail.com>
This commit is contained in:
Thomas Grainger 2016-04-15 11:27:09 +01:00 committed by Thomas Grainger
parent 172ca1ca8c
commit ea8f9c9723
No known key found for this signature in database
GPG key ID: 995EA0A029283160
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/security/security.md
View file

@ -106,7 +106,7 @@ arbitrary containers.
For this reason, the REST API endpoint (used by the Docker CLI to
communicate with the Docker daemon) changed in Docker 0.5.2, and now
uses a UNIX socket instead of a TCP socket bound on 127.0.0.1 (the
latter being prone to cross-site-scripting attacks if you happen to run
latter being prone to cross-site request forgery attacks if you happen to run
Docker directly on your local machine, outside of a VM). You can then
use traditional UNIX permission checks to limit access to the control
socket.