Set the logging level Details https://docs.docker.com/reference/commandline/cli/#daemon Solution Run the Docker daemon as below: $> docker -d --log-level='info' Impact: None. Default Value: By default, Docker daemon is...
Setup a local registry mirror Details http://docs.docker.com/articles/registry_mirror/ Solution Configure a local registry mirror and then start the Docker daemon as below: $> docker --registry-mirror= -d For example, $>...
Use trusted base images for containers Details https://github.com/docker/docker/pull/11109 Solution Only download the container images from a source you trust over a secure channel. Additionally, use features such...
Verify that docker-registry.service file permissions are set to 644 or more restrictive Details https://docs.docker.com/articles/systemd/ Solution #> chmod 644 /usr/lib/systemd/system/docker-registry.service This would set the file permissions to ‘644’. Impact: None. Default Value: This file may...
Verify that containers are running only a single main process Details https://docs.docker.com/articles/using_supervisord Solution Do not run multiple applications within a single container. Use container linking instead to run multiple applications in...
Verify that Docker environment file ownership is set to root:root Details https://docs.docker.com/articles/systemd/ Solution #> chown root:root For example, #> chown root:root /etc/sysconfig/docker This would set the ownership and group-ownership for the...
Verify that Docker environment file permissions are set to 644 or more restrictive Details https://docs.docker.com/articles/systemd/ Solution #> chmod 644 For example, #> chmod 644 /etc/sysconfig/docker This would set the file permissions for the environment file...
Verify that docker-network environment file ownership is set to root:root Details https://docs.docker.com/articles/systemd/ Supportive Information The following resource is also helpful. https://workbench.cisecurity.org/files/514 This security hardening control applies to the following category...
Verify that docker-network environment file permissions are set to 644 or more restrictive Details https://docs.docker.com/articles/systemd/ Solution #> chmod 644 /etc/sysconfig/docker-network This would set the file permissions to ‘644’. Impact: None. Default Value: This file may not...
Verify that docker-registry environment file ownership is set to root:root Details If you are using Docker on a machine that uses systemd to manage services, then verify that the ‘docker-registry’...