STIGQter: STIG Summary: Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide Version: 2 Release: 1 Benchmark Date: 23 Apr 2021:

Docker Enterprise server certificate file permissions must be set to 444 or more restrictive.

DISA Rule

SV-235862r627713_rule

Vulnerability Number

V-235862

Group Title

SRG-APP-000516

Rule Version

DKER-EE-005280

Severity

CAT II

CCI(s)

• CCI-000366 - The organization implements the security configuration settings.

Weight

10

Fix Recommendation

chmod 444 <path to Docker server certificate file>

This sets the file permissions of the Docker server file to 444.

Check Contents

Ensure that Docker server certificate file permissions are set to 444 or more restrictive.

Execute the below command to verify that the Docker server certificate file has permissions of 444 or more restrictive:

stat -c %a <path to Docker server certificate file>

If the permissions are not set to 444, this is a finding.

Vulnerability Number

V-235862

Documentable

False

Rule Version

DKER-EE-005280

Severity Override Guidance

Ensure that Docker server certificate file permissions are set to 444 or more restrictive.

Execute the below command to verify that the Docker server certificate file has permissions of 444 or more restrictive:

stat -c %a <path to Docker server certificate file>

If the permissions are not set to 444, this is a finding.

Check Content Reference

M

Target Key

5281

Comments