moby--moby/docs/security/index.md

<!-- [metadata]>
+++
title = "Secure Engine"
description = "Sec"
keywords = ["seccomp, security, docker, documentation"]
[menu.main]
identifier="smn_secure_docker"
parent= "engine_use"
+++
<![end-metadata]-->

# Secure Engine

This section discusses the security features you can configure and use within your Docker Engine installation.

* You can configure Docker's trust features so that your users can push and pull trusted images. To learn how to do this, see [Use trusted images](trust/index.md) in this section.

* You can protect the Docker daemon socket and ensure only trusted Docker client connections. For more information, [Protect the Docker daemon socket](https.md)

* You can use certificate-based client-server authentication to verify a Docker daemon has the rights to access images on a registry. For more information, see [Using certificates for repository client verification](certificates.md).

* You can configure secure computing mode (Seccomp) policies to secure system calls in a container. For more information, see [Seccomp security profiles for Docker](seccomp.md).

* An AppArmor profile for Docker is installed with the official *.deb* packages. For information about this profile and overriding it, see [AppArmor security profiles for Docker](apparmor.md).
WIP: Update security docs for seccomp/apparmor Signed-off-by: Mary Anthony <mary@docker.com> Updaing and slight re-arrangement of security information Signed-off-by: Mary Anthony <mary@docker.com> Updating security files Signed-off-by: Mary Anthony <mary@docker.com> Updating links to the security documentation Signed-off-by: Mary Anthony <mary@docker.com> removing some extra spaces Signed-off-by: Mary Anthony <mary@docker.com> Correcting spelling Signed-off-by: Mary Anthony <mary@docker.com> 2015-11-14 21:01:24 -05:00			`<!-- [metadata]>`
			`+++`
Creating Engine specific menu Fixing the links Updating with Seb's comments Adding weight Fixing the engine aliases Updating after Arun pushed Removing empty file Signed-off-by: Mary Anthony <mary@docker.com> 2016-01-23 23:36:40 -05:00			`title = "Secure Engine"`
WIP: Update security docs for seccomp/apparmor Signed-off-by: Mary Anthony <mary@docker.com> Updaing and slight re-arrangement of security information Signed-off-by: Mary Anthony <mary@docker.com> Updating security files Signed-off-by: Mary Anthony <mary@docker.com> Updating links to the security documentation Signed-off-by: Mary Anthony <mary@docker.com> removing some extra spaces Signed-off-by: Mary Anthony <mary@docker.com> Correcting spelling Signed-off-by: Mary Anthony <mary@docker.com> 2015-11-14 21:01:24 -05:00			`description = "Sec"`
			`keywords = ["seccomp, security, docker, documentation"]`
			`[menu.main]`
			`identifier="smn_secure_docker"`
Creating Engine specific menu Fixing the links Updating with Seb's comments Adding weight Fixing the engine aliases Updating after Arun pushed Removing empty file Signed-off-by: Mary Anthony <mary@docker.com> 2016-01-23 23:36:40 -05:00			`parent= "engine_use"`
WIP: Update security docs for seccomp/apparmor Signed-off-by: Mary Anthony <mary@docker.com> Updaing and slight re-arrangement of security information Signed-off-by: Mary Anthony <mary@docker.com> Updating security files Signed-off-by: Mary Anthony <mary@docker.com> Updating links to the security documentation Signed-off-by: Mary Anthony <mary@docker.com> removing some extra spaces Signed-off-by: Mary Anthony <mary@docker.com> Correcting spelling Signed-off-by: Mary Anthony <mary@docker.com> 2015-11-14 21:01:24 -05:00			`+++`
			`<![end-metadata]-->`

Creating Engine specific menu Fixing the links Updating with Seb's comments Adding weight Fixing the engine aliases Updating after Arun pushed Removing empty file Signed-off-by: Mary Anthony <mary@docker.com> 2016-01-23 23:36:40 -05:00			`# Secure Engine`
WIP: Update security docs for seccomp/apparmor Signed-off-by: Mary Anthony <mary@docker.com> Updaing and slight re-arrangement of security information Signed-off-by: Mary Anthony <mary@docker.com> Updating security files Signed-off-by: Mary Anthony <mary@docker.com> Updating links to the security documentation Signed-off-by: Mary Anthony <mary@docker.com> removing some extra spaces Signed-off-by: Mary Anthony <mary@docker.com> Correcting spelling Signed-off-by: Mary Anthony <mary@docker.com> 2015-11-14 21:01:24 -05:00
			`This section discusses the security features you can configure and use within your Docker Engine installation.`

			`* You can configure Docker's trust features so that your users can push and pull trusted images. To learn how to do this, see [Use trusted images](trust/index.md) in this section.`

Fixing missing certs article; consolidating security material Entering comments from reviewers Updating with Derek's comments Fixing bad links reported by build Signed-off-by: Mary Anthony <mary@docker.com> 2016-01-20 15:46:40 -05:00			`* You can protect the Docker daemon socket and ensure only trusted Docker client connections. For more information, [Protect the Docker daemon socket](https.md)`

			`* You can use certificate-based client-server authentication to verify a Docker daemon has the rights to access images on a registry. For more information, see [Using certificates for repository client verification](certificates.md).`

WIP: Update security docs for seccomp/apparmor Signed-off-by: Mary Anthony <mary@docker.com> Updaing and slight re-arrangement of security information Signed-off-by: Mary Anthony <mary@docker.com> Updating security files Signed-off-by: Mary Anthony <mary@docker.com> Updating links to the security documentation Signed-off-by: Mary Anthony <mary@docker.com> removing some extra spaces Signed-off-by: Mary Anthony <mary@docker.com> Correcting spelling Signed-off-by: Mary Anthony <mary@docker.com> 2015-11-14 21:01:24 -05:00			`* You can configure secure computing mode (Seccomp) policies to secure system calls in a container. For more information, see [Seccomp security profiles for Docker](seccomp.md).`

			`* An AppArmor profile for Docker is installed with the official .deb packages. For information about this profile and overriding it, see [AppArmor security profiles for Docker](apparmor.md).`