Fix security documentation, XSS -> CSRF
Signed-off-by: Thomas Grainger <tagrain@gmail.com>
(cherry picked from commit ea8f9c9723
)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
parent
d9cf30d7de
commit
cde2df6db9
1 changed files with 1 additions and 1 deletions
|
@ -106,7 +106,7 @@ arbitrary containers.
|
|||
For this reason, the REST API endpoint (used by the Docker CLI to
|
||||
communicate with the Docker daemon) changed in Docker 0.5.2, and now
|
||||
uses a UNIX socket instead of a TCP socket bound on 127.0.0.1 (the
|
||||
latter being prone to cross-site-scripting attacks if you happen to run
|
||||
latter being prone to cross-site request forgery attacks if you happen to run
|
||||
Docker directly on your local machine, outside of a VM). You can then
|
||||
use traditional UNIX permission checks to limit access to the control
|
||||
socket.
|
||||
|
|
Loading…
Reference in a new issue