UCF STIG Viewer Logo
Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

Docker Enterprise /etc/docker directory ownership must be set to root:root.


Overview

Finding ID Version Rule ID IA Controls Severity
V-235855 DKER-EE-005210 SV-235855r627692_rule High
Description
Verify that the /etc/docker directory ownership and group-ownership is correctly set to root. /etc/docker directory contains certificates and keys in addition to various sensitive files. Hence, it should be owned and group-owned by root to maintain the integrity of the directory. By default, the ownership and group-ownership for this directory is correctly set to root.
STIG Date
Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide 2021-03-26

Details

Check Text ( C-39074r627690_chk )
Ensure that /etc/docker directory ownership is set to root:root.

On CentOS host OS's, execute the below command to verify that the directory is owned and group-owned by root:
stat -c %U:%G /etc/docker

If root:root is not displayed, this is a finding.

On Ubuntu host OS's, execute the below command to verify that the /etc/default/docker directory ownership is set to root:root:
stat -c %U:%G /etc/default/docker

If root:root is not displayed, this is a finding.
Fix Text (F-39037r627691_fix)
Set the ownership and group-ownership for the directory to root.

On CentOS host OS's, execute the following command:
chown root:root /etc/docker

On Ubuntu host OS's, execute the following command:
chown root:root /etc/default/docker