Browse Source

Security note about docker socket mount

tf-0.12
Nemo 5 months ago
parent
commit
6cb2ffa736
  1. 3
      docker/conf/traefik.toml

3
docker/conf/traefik.toml

@ -23,6 +23,9 @@ checkNewVersion = false
[docker]
# Make sure you mount this as readonly
# NOTE: readonly doesn't reduce the risk because
# it is a unix socket - it doesn't automatically translate
# read|write perms to GET/POST requests.
endpoint = "unix:///var/run/docker.sock"
domain = "bb8.fun"
watch = true

Loading…
Cancel
Save