Home Explore Help
Register Sign In
fphammerle
/
docker-mysqldump-sshd
mirror of https://github.com/fphammerle/docker-mysqldump-sshd
1
0
Fork 0
Files Issues 0 Wiki
Browse Source

docker-compose: drop capabilities

Fabian Peter Hammerle 3 years ago
parent
1df2d4904c
commit
da2d1389d2
1 changed files with 2 additions and 1 deletions
Split View Show Diff Stats
  1. 2 1
      docker-compose.yml

+ 2 - 1
docker-compose.yml
View File 

@@ -38,8 +38,9 @@ services:
 
     read_only: true
 
     ports:
 
     - 127.0.0.1:2222:2222
 
-    security_opt: ['no-new-privileges']
 
+    cap_drop: [ALL]
 
     # strace
 
     # cap_add: [SYS_PTRACE]
 
+    security_opt: [no-new-privileges]
 
 
 # https://docs.docker.com/compose/compose-file/compose-file-v2/