STIGQter STIGQter: STIG Summary: Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

Docker Enterprise daemon.json file permissions must be set to 644 or more restrictive.

DISA Rule

SV-235868r627731_rule

Vulnerability Number

V-235868

Group Title

SRG-APP-000516

Rule Version

DKER-EE-005340

Severity

CAT I

CCI(s)

Weight

10

Fix Recommendation

If docker.daemon does not exist, create the file and set the file permissions for this file to 644.

Run the following command;
chmod 644 /etc/docker/daemon.json

Check Contents

The docker.daemon file is not created on installation and must be created. Ensure that daemon.json file permissions are set to 644 or more restrictive.

Execute the below command to verify that the file permissions are correctly set to 644 or more restrictive:

stat -c %a /etc/docker/daemon.json

If the permissions are not set to 644 or a more restrictive setting, this is a finding.

If the permissions are not set to 644, this is a finding.

Vulnerability Number

V-235868

Documentable

False

Rule Version

DKER-EE-005340

Severity Override Guidance

The docker.daemon file is not created on installation and must be created. Ensure that daemon.json file permissions are set to 644 or more restrictive.

Execute the below command to verify that the file permissions are correctly set to 644 or more restrictive:

stat -c %a /etc/docker/daemon.json

If the permissions are not set to 644 or a more restrictive setting, this is a finding.

If the permissions are not set to 644, this is a finding.

Check Content Reference

M

Target Key

5281

Comments