docker_practice/security/daemon_sec.md

20 lines
2.6 KiB
Go
Raw Permalink Blame History

This file contains ambiguous Unicode characters!

This file contains ambiguous Unicode characters that may be confused with others in your current locale. If your use case is intentional and legitimate, you can safely ignore this warning. Use the Escape button to highlight these characters.

# Docker
Docker Docker root
访 Docker Docker 访`/` `/host`
web
Docker REST API 0.5.2 使 Unix 127.0.0.1 TCP 使 Unix 访
HTTP REST API 访使 VPN stunnel ssl 访使 [ HTTPS ](https://docs.docker.com/engine/security/https/) 来加强保护。
Linux 使 root
2
* root [ root ](https://docs.docker.com/engine/security/userns-remap/),减轻容器和主机之间因权限提升而引起的安全问题;
* Docker [ root (rootless )](https://docs.docker.com/engine/security/rootless/) 下运行,利用安全可靠的子进程来代理执行需要特权权限的操作。这些子进程将只允许在限定范围内进行操作,例如仅仅负责虚拟网络设定或文件系统管理、配置操作等。
Docker ssh nrpecollectd