docker
/
docs
mirror of https://github.com/docker/docs.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Change wording for setting capabilities lists 

Update the wording for allow/deny approach for setting capabilities.
This commit is contained in:
Aðalsteinn Rúnarsson 2020-08-27 15:07:46 +00:00 committed by GitHub
parent c9f8d88959
commit 51cf315c4e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
engine/security/security.md
View File

@ -192,7 +192,7 @@ This doesn't affect regular web apps, but reduces the vectors of attack by
malicious users considerably. By default Docker
drops all capabilities except [those
needed](https://github.com/moby/moby/blob/master/oci/defaults.go#L14-L30),
a whitelist instead of a blacklist approach. You can see a full list of
an allowlist instead of a denylist approach. You can see a full list of
available capabilities in [Linux
manpages](http://man7.org/linux/man-pages/man7/capabilities.7.html).