Add Security section into README

2026-02-05 12:44:54 +01:00 · 2015-05-15 11:14:05 +02:00
parent 14c0ebafd9
commit 6f34c60349
1 changed files with 10 additions and 0 deletions
--- a/README.md
+++ b/README.md
@@ -120,6 +120,16 @@ $ export PATH=$PATH:${GOPATH}/src/github.com/openshift/source-to-image/_output/l
 $ hack/build-go.sh
 ```

+# Security
+
+Since the `sti` command use the Docker client library, the `sti` command has to
+run in the same security context as the `docker` command. For some systems, it
+is enough to add yourself into the 'docker' group to be able to work with Docker
+as 'non-root'. In the latest versions of Fedora/RHEL, it is recommended to use
+`sudo` command as this way is more auditable and secure.
+
+If you are using `sudo docker` command already, they you will have to also use
+`sudo sti` to give STI permissions to work with Docker directly.

 # Getting Started