SV-235852r627683_rule
V-235852
SRG-APP-000516
DKER-EE-005180
CAT II
10
Step 1: Find out the file location:
systemctl show -p FragmentPath docker.service
Step 2: If the file exists, execute the below command with the correct file path to set the file permissions to 644.
Example:
chmod 644 /usr/lib/systemd/system/docker.service
Ensure that docker.service file permissions are set to 644 or more restrictive.
Step 1: Find out the file location:
systemctl show -p FragmentPath docker.service
Step 2: If the file does not exist, this is not a finding.
If the file exists, execute the below command with the correct file path to verify that the file permissions are set to 644 or more restrictive.
stat -c %a /usr/lib/systemd/system/docker.service
If the file permissions are not set to 644 or a more restrictive permission, this is a finding.
V-235852
False
DKER-EE-005180
Ensure that docker.service file permissions are set to 644 or more restrictive.
Step 1: Find out the file location:
systemctl show -p FragmentPath docker.service
Step 2: If the file does not exist, this is not a finding.
If the file exists, execute the below command with the correct file path to verify that the file permissions are set to 644 or more restrictive.
stat -c %a /usr/lib/systemd/system/docker.service
If the file permissions are not set to 644 or a more restrictive permission, this is a finding.
M
5281