docker:socket_proxy
Differences
This shows you the differences between two versions of the page.
| Next revision | Previous revision | ||
| docker:socket_proxy [2025/07/21 11:36] – created peter | docker:socket_proxy [2025/07/21 11:39] (current) – peter | ||
|---|---|---|---|
| Line 2: | Line 2: | ||
| **Socket Proxy** is a security-enhanced proxy which allows you to apply access rules to the Docker socket, limiting the attack surface for containers that need to use it. | **Socket Proxy** is a security-enhanced proxy which allows you to apply access rules to the Docker socket, limiting the attack surface for containers that need to use it. | ||
| + | |||
| + | Giving access to the Docker socket could mean giving root access to the host, or even to your whole swarm, but some services require hooking into that socket to react to events, etc. | ||
| + | |||
| + | * Using this proxy lets you block anything you consider those services should not do. | ||
| ---- | ---- | ||
| - | [[Docker: | + | [[Docker: |
| Line 13: | Line 17: | ||
| https:// | https:// | ||
| + | |||
| + | https:// | ||
| + | |||
docker/socket_proxy.1753097803.txt.gz · Last modified: 2025/07/21 11:36 by peter