From 9059760164de804e6f9eb4bc5430b7d9c75d2e8a Mon Sep 17 00:00:00 2001 From: Wikid82 Date: Thu, 20 Nov 2025 22:37:46 -0500 Subject: [PATCH] fix: update Docker socket volume to read-only for security --- docker-compose.remote.yml | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docker-compose.remote.yml b/docker-compose.remote.yml index ad91937e..080dc61d 100644 --- a/docker-compose.remote.yml +++ b/docker-compose.remote.yml @@ -14,6 +14,6 @@ services: - "2375:2375" volumes: # Give the proxy access to the host's Docker socket - - /var/run/docker.sock:/var/run/docker.sock + - /var/run/docker.sock:/var/run/docker.sock:ro # Forward TCP traffic from port 2375 to the internal Docker socket command: tcp-listen:2375,fork,reuseaddr unix-connect:/var/run/docker.sock