Finding ID | Version | Rule ID | IA Controls | Severity |
---|---|---|---|---|
V-235855 | DKER-EE-005210 | SV-235855r627692_rule | High |
Description |
---|
Verify that the /etc/docker directory ownership and group-ownership is correctly set to root. /etc/docker directory contains certificates and keys in addition to various sensitive files. Hence, it should be owned and group-owned by root to maintain the integrity of the directory. By default, the ownership and group-ownership for this directory is correctly set to root. |
STIG | Date |
---|---|
Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide | 2021-03-26 |
Check Text ( C-39074r627690_chk ) |
---|
Ensure that /etc/docker directory ownership is set to root:root. On CentOS host OS's, execute the below command to verify that the directory is owned and group-owned by root: stat -c %U:%G /etc/docker If root:root is not displayed, this is a finding. On Ubuntu host OS's, execute the below command to verify that the /etc/default/docker directory ownership is set to root:root: stat -c %U:%G /etc/default/docker If root:root is not displayed, this is a finding. |
Fix Text (F-39037r627691_fix) |
---|
Set the ownership and group-ownership for the directory to root. On CentOS host OS's, execute the following command: chown root:root /etc/docker On Ubuntu host OS's, execute the following command: chown root:root /etc/default/docker |