CIS Docker v1.2.0 L1 Docker Linux

Warning! Audit Deprecated

This audit file has been deprecated and will be removed in a future update.

Audit Details

Name: CIS Docker v1.2.0 L1 Docker Linux

Updated: 7/20/2021

Authority: CIS

Plugin: Unix

Revision: 1.8

Estimated Item Count: 89

Audit Changelog

 
Revision 1.8

Jul 20, 2021

Miscellaneous
  • Audit deprecated.
  • Metadata updated.
  • References updated.
Revision 1.7

Jun 17, 2021

Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.6

Apr 24, 2021

Functional Update
  • 3.1 Ensure that the docker.service file ownership is set to root:root
  • 3.17 Ensure that the daemon.json file ownership is set to root:root
  • 3.18 Ensure that daemon.json file permissions are set to 644 or more restrictive
  • 3.19 Ensure that the /etc/default/docker file ownership is set to root:root
  • 3.2 Ensure that docker.service file permissions are appropriately set
  • 3.20 Ensure that the /etc/sysconfig/docker file ownership is set to root:root
  • 3.21 Ensure that the /etc/sysconfig/docker file permissions are set to 644 or more restrictively
  • 3.22 Ensure that the /etc/default/docker file permissions are set to 644 or more restrictively
  • 3.3 Ensure that docker.socket file ownership is set to root:root
  • 3.4 Ensure that docker.socket file permissions are set to 644 or more restrictive
  • 7.2 Ensure that the minimum number of manager nodes have been created in a swarm
  • 7.3 Ensure that swarm services are bound to a specific host interface
  • 7.4 Ensure that all Docker swarm overlay networks are encrypted
  • 7.7 Ensure that the swarm manager auto-lock key is rotated periodically
Informational Update
  • 7.2 Ensure that the minimum number of manager nodes have been created in a swarm
  • 7.3 Ensure that swarm services are bound to a specific host interface
  • 7.4 Ensure that all Docker swarm overlay networks are encrypted
  • 7.7 Ensure that the swarm manager auto-lock key is rotated periodically
Miscellaneous
  • Metadata updated.
  • References updated.
Revision 1.5

Sep 29, 2020

Miscellaneous
  • References updated.
Revision 1.4

Jul 14, 2020

Miscellaneous
  • Metadata updated.
Revision 1.3

Apr 17, 2020

Miscellaneous
  • References updated.
Revision 1.2

Feb 28, 2020

Miscellaneous
  • Metadata updated.
  • Variables updated.
Added
  • 2.7 Ensure the default ulimit is configured appropriately - daemon.json nofile hard
  • 2.7 Ensure the default ulimit is configured appropriately - daemon.json nofile soft
  • 2.7 Ensure the default ulimit is configured appropriately - daemon.json nproc hard
  • 2.7 Ensure the default ulimit is configured appropriately - daemon.json nproc soft
  • 2.7 Ensure the default ulimit is configured appropriately - ps
Removed
  • 2.7 Ensure the default ulimit is configured appropriately
Revision 1.1

Dec 19, 2019

Functional Update
  • 2.7 Ensure the default ulimit is configured appropriately
Miscellaneous
  • Variables updated.