docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
I'm using docker-bench-security on a Mac to check images. Using parameters that specify both checks to include and exclude results in a sed error on BSD systems. For example, ```...
I'm using this excellent utility to assess compliance. We set the following in our /etc/docker/daemon.json: ``` { "log-opt": syslog-address=tcp:// } ``` Doing this causes check_2_7 to trigger incorrectly because of...
The reason why we should not execute ps command in containers: * some containers don't have ps command. * if a container shares the PID namespace with the host machine,...
Docker Desktop (windows) version: Docker 20.10.7, build f0df350 Docker Bench Security: Docker Bench for Security v1.3.4 Execution environment: WSL2 Ubuntu 20.0.4 Issue: From the scan, I've got the following warning:...
Hi, I'm trying to run under WSL1 (can't upgrade to WSL2 just yet) using these instructions https://nickjanetakis.com/blog/setting-up-docker-for-windows-and-wsl-to-work-flawlessly. Seems to work OK, and gives hello-world is working OK. However, when I...
v1.3.5 was just released; https://github.com/docker/docker-bench-security/releases/tag/v1.3.5. The image needs to be signed by Docker, have a :latest and a version tag added to the image and published.
See the attached snapshot to identify the problem (see "items" object).
The company I'm working with have been using docker-bench-security and docker-bench-test on Linux with great results. We're now heavily migrating a bunch of Windows apps across to Docker and it...
ARM64
Any chance of building an official arm64 / aarch64 image?
In version 3 compose has another [restart configuration](https://docs.docker.com/compose/compose-file/#restart_policy)
```
version: "3"
services:
  redis:
    image: redis:alpine
    deploy:
      restart_policy:
        condition: on-failure
        delay: 5s
        max_attempts: 3
        window: 120s
```
And this configuration doesn't...