![]() Implements the policies for the remaining binaries called by the Docker engine and eliminates the giant whitelisted 'all files' permission in favor of granular whitelisting and child-specific policies. It should be possible now to remove the 'file' permission, but for the sake of keeping Docker unbroken, we'll try to gradually tighten the policy. Signed-off-by: Eric Windisch <eric@windisch.us> |
||
---|---|---|
.. | ||
apparmor | ||
builder | ||
completion | ||
desktop-integration | ||
docker-device-tool | ||
host-integration | ||
httpserver | ||
init | ||
mkimage | ||
reprepro | ||
syntax | ||
udev | ||
vagrant-docker | ||
README | ||
REVIEWERS | ||
check-config.sh | ||
dockerize-disk.sh | ||
download-frozen-image.sh | ||
mkimage-alpine.sh | ||
mkimage-arch-pacman.conf | ||
mkimage-arch.sh | ||
mkimage-busybox.sh | ||
mkimage-crux.sh | ||
mkimage-debootstrap.sh | ||
mkimage-rinse.sh | ||
mkimage-yum.sh | ||
mkimage.sh | ||
mkseccomp.pl | ||
mkseccomp.sample | ||
nuke-graph-directory.sh | ||
project-stats.sh | ||
report-issue.sh |
README
The `contrib` directory contains scripts, images, and other helpful things which are not part of the core docker distribution. Please note that they could be out of date, since they do not receive the same attention as the rest of the repository.