Merge pull request #26263 from tangentsoft/network-host-doc-warning

Clarified the consequences of --network=host
openshift-merge-bot[bot] 2025-06-12 16:07:19 +00:00 committed by GitHub
commit 98e6d857d1
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
1 changed files with 1 additions and 1 deletions

@ -27,7 +27,7 @@ Valid _mode_ values are:
- **container:**_id_: Reuse another container's network stack. - **container:**_id_: Reuse another container's network stack.
- **host**: Do not create a network namespace, the container uses the host's network. Note: The host mode gives the container full access to local system services such as D-bus and is therefore considered insecure. - **host**: Use the host's network namespace for the container instead of creating an isolated namespace. Warning: This gives the container full access to abstract Unix domain sockets and to TCP/UDP sockets bound to localhost. Since these mechanisms are often used to prevent access to sensitive system services, isolating them from access by external entities, use of this option may be considered a security vulnerability.
- **ns:**_path_: Path to a network namespace to join. - **ns:**_path_: Path to a network namespace to join.
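
Review bot: In the new **host** entry, the final sentence ("Since these mechanisms are often used to prevent access to sensitive system services, ... may be considered a security vulnerability") is ambiguous and hedged. "These mechanisms" reads as if abstract Unix domain sockets and localhost-bound sockets themselves block access, when the point is that services bind to them so that only local clients can reach them. "May be considered a security vulnerability" labels the option instead of stating its effect. Suggested wording: "Services often rely on these sockets being reachable only from the host, so this option removes that isolation for the container." The replaced text named D-bus as a concrete example of an exposed service; keeping one such example in the new warning would help readers recognize what is at risk.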