docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

add L62-L77 

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
This commit is contained in:
Thomas Sjögren 2016-10-27 11:26:33 +02:00
parent a61c5998f1
commit 05e7b79da0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
engine/security/security.md
View File

@ -197,7 +197,7 @@ to the host.
This won't affect regular web apps; but malicious users will find that This won't affect regular web apps; but malicious users will find that
the arsenal at their disposal has shrunk considerably! By default Docker the arsenal at their disposal has shrunk considerably! By default Docker
drops all capabilities except [those drops all capabilities except [those
needed](https://github.com/docker/docker/blob/master/oci/defaults_linux.go), needed](https://github.com/docker/docker/blob/master/oci/defaults_linux.go#L62-L77),
a whitelist instead of a blacklist approach. You can see a full list of a whitelist instead of a blacklist approach. You can see a full list of
available capabilities in [Linux available capabilities in [Linux
manpages](http://man7.org/linux/man-pages/man7/capabilities.7.html). manpages](http://man7.org/linux/man-pages/man7/capabilities.7.html).