From 69aedaf28ae9ab4c4adab73d28b5339167eb6740 Mon Sep 17 00:00:00 2001 From: scjane Date: Mon, 20 Feb 2017 19:03:26 +0800 Subject: [PATCH] Update security.md (#1858) --- engine/security/security.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/engine/security/security.md b/engine/security/security.md index 1972086f32..821bb69cfd 100644 --- a/engine/security/security.md +++ b/engine/security/security.md @@ -114,8 +114,8 @@ certificates. You can also secure them with [HTTPS and certificates](https.md). The daemon is also potentially vulnerable to other inputs, such as image -loading from either disk with 'docker load', or from the network with -'docker pull'. As of Docker 1.3.2, images are now extracted in a chrooted +loading from either disk with `docker load`, or from the network with +`docker pull`. As of Docker 1.3.2, images are now extracted in a chrooted subprocess on Linux/Unix platforms, being the first-step in a wider effort toward privilege separation. As of Docker 1.10.0, all images are stored and accessed by the cryptographic checksums of their contents, limiting the