docker:socket_proxy
Differences
This shows you the differences between two versions of the page.
| Both sides previous revisionPrevious revisionNext revision | Previous revision | ||
| docker:socket_proxy [2025/07/21 11:37] – peter | docker:socket_proxy [2025/07/21 11:39] (current) – peter | ||
|---|---|---|---|
| Line 2: | Line 2: | ||
| **Socket Proxy** is a security-enhanced proxy which allows you to apply access rules to the Docker socket, limiting the attack surface for containers that need to use it. | **Socket Proxy** is a security-enhanced proxy which allows you to apply access rules to the Docker socket, limiting the attack surface for containers that need to use it. | ||
| + | |||
| + | Giving access to the Docker socket could mean giving root access to the host, or even to your whole swarm, but some services require hooking into that socket to react to events, etc. | ||
| + | |||
| + | * Using this proxy lets you block anything you consider those services should not do. | ||
| ---- | ---- | ||
| - | [[Docker: | + | [[Docker: |
docker/socket_proxy.1753097831.txt.gz · Last modified: 2025/07/21 11:37 by peter