Verify that Docker socket file ownership is set to root:docker – /var/run/docker.sock

Details

https://docs.docker.com/ reference/commandline/cli/#daemon-socket-option

Solution

#> chown root-docker /var/run/docker.sock
This would set the ownership to ‘root’ and group-ownership to ‘docker’ for default Docker
socket file.

Impact-None.

Default Value-By default, the ownership and group-ownership for Docker socket file is correctly set to
‘root-docker’.

Supportive Information

The following resource is also helpful.

https://workbench.cisecurity.org/files/514

This security hardening control applies to the following category of controls within NIST 800-53: Configuration Management.This control applies to the following type of system Unix.

References

800-53|CM-6b.
CSCv6|3.1

Source

Tenable.com/audits

Updated on July 16, 2022

Was this article helpful?

Yes No

Details

Solution

Supportive Information

References

Source

Related Articles