Verify SELinux security options, if applicable (Scored)

Details

http://docs.fedoraproject.org/en-US/Fedora/13/html/Security-Enhanced_Linux/

Solution

If SELinux is applicable for your Linux OS, use it. You may have to follow the steps below:

1. Set the SELinux State.
2. Set the SELinux Policy.
3. Create or import a SELinux policy template for Docker containers.
4. Start Docker in daemon mode with SELinux enabled. For example:
   docker -d --selinux-enabled
5. Start your Docker container using the security options. For example:
   docker run -i -t --security-opt label:level:TopSecret centos /bin/bash

Impact

The container (process) will be subject to the set of restrictions defined in the SELinux policy. If your SELinux policy is misconfigured, the container may not work entirely as expected.

Default Value

By default, no SELinux security options are applied on containers.
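
An added example (not part of the benchmark text or of Docker's own tooling): a Python check that reads `docker inspect` JSON and reports which containers carry SELinux label options. The sample JSON is constructed; the code assumes the `HostConfig.SecurityOpt` field and accepts both the older `label:` form and the `label=` form written by newer Docker releases.

```python
import json

# Constructed sample of `docker inspect` output, trimmed to the fields used.
SAMPLE_INSPECT = json.dumps([
    {"Id": "aaa111", "Name": "/web", "HostConfig": {"SecurityOpt": None}},
    {"Id": "bbb222", "Name": "/db",
     "HostConfig": {"SecurityOpt": ["label:level:TopSecret"]}},
    {"Id": "ccc333", "Name": "/batch",
     "HostConfig": {"SecurityOpt": ["label=disable"]}},
    {"Id": "ddd444", "Name": "/cache",
     "HostConfig": {"SecurityOpt": ["apparmor:docker-default"]}},
])


def selinux_label_opts(security_opt):
    """Return the SELinux label options found in a HostConfig.SecurityOpt list."""
    labels = []
    for opt in security_opt or []:  # SecurityOpt is null when nothing was set
        # Older Docker writes "label:...", newer releases write "label=...".
        for sep in (":", "="):
            prefix = "label" + sep
            if opt.startswith(prefix):
                labels.append(opt[len(prefix):])
                break
    return labels


def audit(inspect_json):
    """Map container name -> (status, SELinux label options)."""
    results = {}
    for c in json.loads(inspect_json):
        labels = selinux_label_opts(c.get("HostConfig", {}).get("SecurityOpt"))
        if not labels:
            status = "FAIL: no SELinux security options"
        elif "disable" in labels:
            status = "FAIL: SELinux labeling disabled"
        else:
            status = "PASS"
        results[c["Name"].lstrip("/")] = (status, labels)
    return results


if __name__ == "__main__":
    for name, (status, labels) in sorted(audit(SAMPLE_INSPECT).items()):
        print(f"{name:8} {status} {labels}")
```

On a live host, pass the output of `docker inspect $(docker ps -q)` to `audit()` in place of the sample.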

Supportive Information

The following resource is also helpful.

This security hardening control applies to the following category of controls within NIST 800-53: Access Control. This control applies to the following type of system: Unix.

Updated on July 16, 2022