diff options
author | Thomas Grainger <tagrain@gmail.com> | 2016-04-15 11:27:09 +0100 |
---|---|---|
committer | Sebastiaan van Stijn <github@gone.nl> | 2016-04-28 13:20:42 +0200 |
commit | cde2df6db9b255533b2bb011c399910cdddb7ac7 (patch) | |
tree | 4c66faea66eb81871b9a63ccd0109ec497ffac40 | |
parent | d9cf30d7de4cdf0acc41217a1b5349303f6a15ce (diff) | |
download | docker-cde2df6db9b255533b2bb011c399910cdddb7ac7.tar.gz |
Fix security documentation, XSS -> CSRF
Signed-off-by: Thomas Grainger <tagrain@gmail.com>
(cherry picked from commit ea8f9c972393e0929e643190573412410bf39c6a)
Signed-off-by: Sebastiaan van Stijn <github@gone.nl>
-rw-r--r-- | docs/security/security.md | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/docs/security/security.md b/docs/security/security.md index b9738a3ce8..88b5b3f09a 100644 --- a/docs/security/security.md +++ b/docs/security/security.md @@ -106,7 +106,7 @@ arbitrary containers. For this reason, the REST API endpoint (used by the Docker CLI to communicate with the Docker daemon) changed in Docker 0.5.2, and now uses a UNIX socket instead of a TCP socket bound on 127.0.0.1 (the -latter being prone to cross-site-scripting attacks if you happen to run +latter being prone to cross-site request forgery attacks if you happen to run Docker directly on your local machine, outside of a VM). You can then use traditional UNIX permission checks to limit access to the control socket. |