Configure the "Linux kernel capabilities" to organizational standards.


CONTROL ID
14531
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS




This Control directly supports the implied Control(s):
  • Configure “Docker” to organizational standards., CC ID: 14457

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH




  • Ensure that Linux kernel capabilities are restricted within containers. Description: By default, Docker starts containers with a restricted set of Linux kernel capabilities. This means that any process can be granted the required capabilities instead of giving it root access. Using Linux kernel capab… (5.3, The Center for Internet Security Docker Level 1 Docker Linux Benchmark, v 1.2.0)
  • Ensure that Linux kernel capabilities are restricted within containers. Description: By default, Docker starts containers with a restricted set of Linux kernel capabilities. This means that any process can be granted the required capabilities instead of giving it root access. Using Linux kernel capab… (5.3, The Center for Internet Security Docker Level 2 Docker Linux Benchmark, 1.2.0)