Use files, branches, or tags for mod dependencies →
Powerpipe Hub 
Hub
Mods
turbot/docker_compliance
Overview
1Dashboards
88Controls
88Queries
2Variables
GitHub

Control: 3.6 Ensure that /etc/docker directory permissions are set to 755 or more restrictively

Description

You should verify that the /etc/docker directory permissions are correctly set to 755 or more restrictively

The /etc/docker directory contains certificates and keys in addition to various sensitive files. It should therefore only be writeable by root to ensure that it can not be modified by a less privileged user.

Remediation

You should run the following command:

chmod 755 /etc/docker

This sets the permissions for the directory to 755.

Default Value

By default, the permissions for this directory are set to 755.

Usage

Run the control in your terminal:

powerpipe control run docker_compliance.control.cis_v160_3_6

Snapshot and share results via Turbot Pipes:

powerpipe login
powerpipe control run docker_compliance.control.cis_v160_3_6 --share

SQL

This control uses a named query:

exec_permissions_755_etc_docker

Tags

category = Compliance
cis = true
cis_item_id = 3.6
cis_level = 1
cis_section_id = 3
cis_type = automated
cis_version = v1.6.0
plugin = docker
service = Docker