author | Nemo <commits@captnemo.in> | 2021-02-02 14:07:15.0 +05:30:00 |
---|---|---|
committer | Nemo <commits@captnemo.in> | 2021-02-02 14:07:15.0 +05:30:00 |
commit | 6cb2ffa7360a3d3375791a4e250af1cb21065942 [patch] |
|
tree | b822a9360a5c959bd234a397811f9340c3848735 |
|
parent | d90a67539fc220ff335a510c0c70b5e8d41fc59a |
|
download | 6cb2ffa7360a3d3375791a4e250af1cb21065942.tar.gz |
Security note about docker socket mount
Diff
docker/conf/traefik.toml | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docker/conf/traefik.toml b/docker/conf/traefik.toml index a411dc6..eb20faa 100644 --- a/docker/conf/traefik.toml +++ a/docker/conf/traefik.toml @@ -23,6 +23,9 @@ [docker] # Make sure you mount this as readonly # NOTE: readonly doesn't reduce the risk because # it is a unix socket - it doesn't automatically translate # read|write perms to GET/POST requests. endpoint = "unix:///var/run/docker.sock" domain = "bb8.fun" watch = true