kotovalexarian-likes-github/moby--moby
1
0
Fork 0
mirror of https://github.com/moby/moby.git synced 2022-11-09 12:21:53 -05:00
Code Releases Activity

Fix security documentation, XSS -> CSRF

Browse source 
Signed-off-by: Thomas Grainger <tagrain@gmail.com>
(cherry picked from commit ea8f9c9723)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
This commit is contained in:
Thomas Grainger 2016-04-15 11:27:09 +01:00 committed by Sebastiaan van Stijn
parent d9cf30d7de
commit cde2df6db9
No known key found for this signature in database
GPG key ID: 76698F39D527CE8C
1 changed files with 1 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
docs/security/security.md
View file

@ -106,7 +106,7 @@ arbitrary containers.
For this reason, the REST API endpoint (used by the Docker CLI to
communicate with the Docker daemon) changed in Docker 0.5.2, and now
uses a UNIX socket instead of a TCP socket bound on 127.0.0.1 (the
latter being prone to cross-site-scripting attacks if you happen to run
latter being prone to cross-site request forgery attacks if you happen to run
Docker directly on your local machine, outside of a VM). You can then
use traditional UNIX permission checks to limit access to the control
socket.