Control: severity -1 normal On Tue, Jun 11, 2019 at 6:09 PM Shengjing Zhu <[email protected]> wrote: > > Hi, > > I checked more carefully on https://github.com/moby/moby/pull/28257 > and https://github.com/moby/moby/issues/14041 > Then I concluded that docker does nothing wrong in this case. > [...]
With the reason I explained last week, I would downgrade this issue. Arnaud, when you upload new version for the CVE issue, could you amend the README.Debian to tell people that if they don't want docker to set default FORWARD policy to DROP, they should enable ip_forward intentionally. (I bet your english is better than me to draft a phrase...) -- Shengjing Zhu
