forked from TrueCloudLab/distribution
Merge pull request #6912 from perlun/patch-1
nginx.md: Add note about potential security isues
This commit is contained in:
commit
3aa9c1e8f8
1 changed files with 5 additions and 0 deletions
|
@ -38,6 +38,11 @@ you want through the secondary authentication mechanism implemented inside your
|
|||
proxy, it also requires that you move TLS termination from the Registry to the
|
||||
proxy itself.
|
||||
|
||||
> ***NOTE:*** Docker does not recommend binding your registry to `localhost:5000` without
|
||||
> authentication. This creates a potential loophole in your Docker Registry security.
|
||||
> As a result, anyone who can log on to the server where your Docker Registry is running
|
||||
> can push images without authentication.
|
||||
|
||||
Furthermore, introducing an extra http layer in your communication pipeline
|
||||
makes it more complex to deploy, maintain, and debug. Make sure the extra
|
||||
complexity is required.
|
||||
|
|
Loading…
Reference in a new issue