Information
If you are using Docker on a machine that uses systemd to manage services, then verify that
the 'docker.socket' file ownership and group-ownership is correctly set to 'root'.
'docker.socket' file contains sensitive parameters that may alter the behavior of Docker
remote API. Hence, it should be owned and group-owned by 'root' to maintain the integrity
of the file.
Solution
#> chown root-root /usr/lib/systemd/system/docker.socket
This would set the ownership and group-ownership for the file to 'root'.
Impact-None.
Default Value-This file may not be present on the system. In that case, this recommendation is not
applicable. By default, if the file is present, the ownership and group-ownership for this file
is correctly set to 'root'.