STIGQter: STIG Summary: Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide, Version: 2, Release: 1, Benchmark Date: 23 Apr 2021

Docker Enterprise /etc/docker directory ownership must be set to root:root.

DISA Rule

SV-235855r627692_rule

Vulnerability Number

V-235855

Group Title

SRG-APP-000516

Rule Version

DKER-EE-005210

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Set the ownership and group-ownership for the directory to root.

On CentOS host OSs, execute the following command:
chown root:root /etc/docker

On Ubuntu host OSs, execute the following command:
chown root:root /etc/default/docker

Check Contents

Ensure that /etc/docker directory ownership is set to root:root.

On CentOS host OSs, execute the below command to verify that the directory is owned and group-owned by root:
stat -c %U:%G /etc/docker

If root:root is not displayed, this is a finding.

On Ubuntu host OSs, execute the below command to verify that the /etc/default/docker directory ownership is set to root:root:
stat -c %U:%G /etc/default/docker

If root:root is not displayed, this is a finding.
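
Added example (not part of the STIG text or any DISA/Docker tooling): a small audit helper that runs the same stat query against both paths named in this rule, skips a path that does not exist on the host, and returns the number of findings. The function names and the EXPECTED_OWNER override are hypothetical, and GNU stat is assumed.

```shell
#!/bin/sh
# Added example, not DISA's or Docker's code. Assumes GNU stat (-c).
# EXPECTED_OWNER is a hypothetical override for testing; the STIG value is root:root.
EXPECTED_OWNER=${EXPECTED_OWNER:-root:root}

# check_owner PATH [EXPECTED]
# Returns 0 = compliant, 1 = finding, 2 = path absent (nothing to evaluate).
check_owner() {
    co_path=$1
    co_expected=${2:-$EXPECTED_OWNER}
    if [ ! -e "$co_path" ]; then
        echo "SKIP    $co_path (not present)"
        return 2
    fi
    # Same query as the STIG check; a stat failure is treated as a finding.
    co_actual=$(stat -c %U:%G -- "$co_path") || return 1
    if [ "$co_actual" = "$co_expected" ]; then
        echo "PASS    $co_path $co_actual"
        return 0
    fi
    echo "FINDING $co_path is $co_actual, expected $co_expected"
    return 1
}

# audit_owner [PATH...]
# Defaults to the two paths named in the rule. Returns the number of findings.
audit_owner() {
    [ "$#" -gt 0 ] || set -- /etc/docker /etc/default/docker
    ao_findings=0
    ao_present=0
    for ao_path in "$@"; do
        ao_rc=0
        check_owner "$ao_path" || ao_rc=$?
        [ "$ao_rc" -eq 2 ] || ao_present=$((ao_present + 1))
        [ "$ao_rc" -ne 1 ] || ao_findings=$((ao_findings + 1))
    done
    [ "$ao_present" -gt 0 ] || echo "NOTE    none of the paths exist on this host"
    return "$ao_findings"
}
```

Call audit_owner with no arguments on the host being assessed; a non-zero return status means at least one path is not owned by root:root.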

Documentable

False

Severity Override Guidance

Ensure that /etc/docker directory ownership is set to root:root.

On CentOS host OSs, execute the below command to verify that the directory is owned and group-owned by root:
stat -c %U:%G /etc/docker

If root:root is not displayed, this is a finding.

On Ubuntu host OSs, execute the below command to verify that the /etc/default/docker directory ownership is set to root:root:
stat -c %U:%G /etc/default/docker

If root:root is not displayed, this is a finding.

Check Content Reference

M

Target Key

5281
