Back

Configure the "docker exec commands" to organizational standards.


CONTROL ID
14502
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Configure “Docker” to organizational standards., CC ID: 14457

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Ensure that docker exec commands are not used with the privileged option Description: You should not use `docker exec` with the `--privileged` option. Rationale: Using the `--privileged` option in `docker exec` commands gives extended Linux capabilities to the command. This could potentially be an i… (5.22, The Center for Internet Security Docker Level 2 Docker Linux Benchmark, 1.2.0)
  • Ensure that docker exec commands are not used with the user=root option Description: You should not use `docker exec` with the `--user=root` option. Rationale: Using the `--user=root` option in a `docker exec` command, executes it within the container as the root user. This could potentially be inse… (5.23, The Center for Internet Security Docker Level 2 Docker Linux Benchmark, 1.2.0)