Update security.md

Anne Henmi 2018-10-25 13:16:13 -06:00 committed by GitHub
parent ee2172416f
commit 3b86535170
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 6 deletions

@ -202,12 +202,10 @@ those explicitly required for their processes.
## Docker Content Trust Signature Verification
The Docker Content Trust signature verification feature is built directly
into the `dockerd` binary. The Docker Engine can be configured to only
permitted to run signed images. This is configured in the Dockerd
configuration file. To incorporate this, the Docker Engine has
trustpinning configured in the `daemon.json` file. To enable this feature,
trustpinning can be configured in daemon.json file, whereby only repositories
signed with a user-specified root key will be allowed to be pulled and run.
into the `dockerd` binary. The Docker Engine can be configured to only run
signed images. This is configured in the Dockerd configuration file.
To enable this feature, trustpinning can be configured in `daemon.json`, whereby
only repositories signed with a user-specified root key can be pulled and run.
This provides insight to administrators that was not previously available with
the CLI being responsible for enforcing and performing image signature verification.
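Review bot: The added sentence "This is configured in the Dockerd configuration file." still duplicates the sentence that follows it, which already names `daemon.json` as the place where trustpinning is set, and it writes "Dockerd" capitalised and unformatted while the line above uses `dockerd` in backticks. Consider dropping that sentence or merging the two, for example "To enable this feature, configure trustpinning in the `dockerd` configuration file, `daemon.json`, whereby only repositories signed with a user-specified root key can be pulled and run." The paragraph also never shows what the trustpinning entry in `daemon.json` looks like or points to where it is documented, so an administrator who wants the engine to run signed images only cannot act on this section alone; a short sample or a cross-reference would close that gap.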