STIGQter: STIG Summary: Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide, Version: 2, Release: 1, Benchmark Date: 23 Apr 2021

Docker Enterprise server certificate key file permissions must be set to 400.

DISA Rule

SV-235864r627719_rule

Vulnerability Number

V-235864

Group Title

SRG-APP-000516

Rule Version

DKER-EE-005300

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

Set the Docker server certificate key file permissions to 400.

Run the following command:
chmod 400 <path to Docker server certificate key file>

Check Contents

Ensure that Docker server certificate key file permissions are set to 400.

Execute the below command to verify that the Docker server certificate key file has permissions of 400:

stat -c %a <path to Docker server certificate key file>

If the permissions are not set to 400, this is a finding.
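
The check and fix above as a small audit helper. This is an added example, not part of the STIG text: the function names and the sample file names are hypothetical, and GNU stat is assumed, as in the check command. It follows symlinks with -L so that a symlinked key path reports the mode of the real key file rather than the link's own 777.

```shell
#!/bin/sh
# Added example: audit helper for DKER-EE-005300 (not part of the STIG text).
# Function names are hypothetical; GNU stat is assumed, as in the check above.

# Prints the octal mode of the key file and returns:
#   0 = mode is exactly 400 (not a finding)
#   1 = mode differs (finding)
#   2 = path missing or not a regular file (cannot evaluate)
audit_key_mode() {
    key=$1
    [ -f "$key" ] || { echo "missing"; return 2; }
    # -L follows symlinks: without it a symlinked key reports the link's
    # own mode (777) instead of the mode of the file that holds the key.
    mode=$(stat -L -c %a "$key") || return 2
    echo "$mode"
    # Exact string match: 600, 440 or 4400 (setuid plus 400) all fail.
    [ "$mode" = "400" ]
}

# Applies the STIG fix, then re-runs the check so the result is verified.
fix_key_mode() {
    chmod 400 "$1" && audit_key_mode "$1" >/dev/null
}

# Demonstration on constructed sample files in a temporary directory.
demo() {
    d=$(mktemp -d) || return 1
    : > "$d/server-key.pem"
    chmod 644 "$d/server-key.pem"
    ln -s "$d/server-key.pem" "$d/key-link.pem"
    audit_key_mode "$d/key-link.pem" || echo "finding"
    fix_key_mode "$d/key-link.pem" && echo "fixed"
    rm -rf "$d"
}
demo
```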

Documentable

False

Severity Override Guidance

Ensure that Docker server certificate key file permissions are set to 400.

Execute the below command to verify that the Docker server certificate key file has permissions of 400:

stat -c %a <path to Docker server certificate key file>

If the permissions are not set to 400, this is a finding.

Check Content Reference

M

Target Key

5281
