Added Docker Pull to the content trust verification process

2026-03-27 22:38:54 +07:00 · 2019-03-08 16:11:02 +00:00
parent 2ee6341348
commit eb68c3d408
1 changed files with 1 additions and 0 deletions
--- a/engine/security/trust/content_trust.md
+++ b/engine/security/trust/content_trust.md
@@ -230,6 +230,7 @@ trusted sources, with repositories and tags signed with the commands [above](#si

 Engine Signature Verification prevents the following:
 * `$ docker container run` of an unsigned image.
+* `$ docker pull` of an unsigned image.
 * `$ docker build` where the `FROM` image is not signed or is not scratch.

 DCT does not verify that a running container’s filesystem has not been altered