The container platform runtime must fail to a secure state if system initialization fails, shutdown fails, or aborts fail.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-233122	SRG-APP-000225-CTR-000570	SV-233122r601749_rule		Medium

Description
The container platform offers services for container image orchestration and services for users. If any of these services were to fail into an insecure state, security measures for user and data separation and image instantiation could become absent. In addition, audit log protections could be relaxed allowing for investigation of what occurred could be lost. To protect services and data, it is important for the container platform to fail to a secure state if the container platform registry initialization fails, shutdown fails, or aborts fail.

Description

The container platform offers services for container image orchestration and services for users. If any of these services were to fail into an insecure state, security measures for user and data separation and image instantiation could become absent. In addition, audit log protections could be relaxed allowing for investigation of what occurred could be lost. To protect services and data, it is important for the container platform to fail to a secure state if the container platform registry initialization fails, shutdown fails, or aborts fail.

STIG	Date
Container Platform Security Requirements Guide	2021-12-14

Details

Check Text ( C-36058r601746_chk )
Review documentation and configuration to determine if the container platform runtime fails to a secure state if system initialization fails, shutdown fails, or aborts fail. If the container platform runtime cannot be configured to fail securely, this is a finding.

Fix Text (F-36026r600854_fix)
Configure the container platform runtime to fail to a secure state if system initialization fails, shutdown fails, or aborts fail.