docker:security:use_copy_instead_of_add
This is an old revision of the document!
Docker - Security - Use COPY instead of ADD
Arbitrary URLs specified for ADD could result in MITM attacks, or sources of malicious data.
In addition, ADD implicitly unpacks local archives which may not be expected and result in path traversal and Zip Slip vulnerabilities.
Use COPY, unless ADD is specifically required.
docker/security/use_copy_instead_of_add.1587238994.txt.gz · Last modified: 2020/07/15 09:30 (external edit)