Details

https://docs.docker.com/ reference/commandline/cli

Solution

Do not run container with the –privileged flag.For example, do not start a container as below-$> docker run –privileged -i -t centos /bin/bash

Impact-Linux Kernel Capabilities other than defaults would not be available for use within
container.

Default Value-False.

Supportive Information

The following resource is also helpful.

• https://workbench.cisecurity.org/files/514https://workbench.cisecurity.org/files/514

This control applies to the following type of system Unix.

Source

• Tenable.com/audits