docker-bench-security
The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
rootless
Any chance to have a version for docker setup with rootless mode? Since docker 20.10 rootless mode is no longer experimental, and it's production ready. https://docs.docker.com/engine/security/rootless/ Thank you
Hello, the assessment results contain different statuses, i.e. WARN, INFO, PASS. Could you please document the definition of these statuses in the wiki, or point me to a page where...
Please add docker daemon socket security checks. `tcp://0.0.0.0:4243/version` or `unix:///var/run/docker.sock`, if open, could you please add a check to see if there is an authentication mechanism in place?...
The definition of 1.1.9 in the published CIS Docker Benchmarks is ambiguous. Steps 1 & 2 locate the actual socket, then step 3 checks that the systemctl file is being...
Hey all, this is part question and part suggestion. When running Docker-Bench as part of a CI (in particular, running it from the [Docker container](https://github.com/docker/docker-bench-security#run-with-docker) method), shouldn't the execution exit...
https://github.com/docker/docker-bench-security/issues/556
Describe the bug: If you set up docker in rootless mode, you cannot run the test. Setup docker rootless...
Would adding support for Docker rootless mode be possible? There was an old issue that got closed because CIS didn't include it in its release but CIS Docker v1.7.0 includes...
I've changed data-root in Docker's `daemon.json` to a new partition and location but test `1.1.5` doesn't take that into account and still assumes to look for `/var/lib/docker`... I believe `1.1.5`...