CIS_Docker_Community_Edition_Benchmark_v1.1.0.pdf下载

Docker 通用安全配置指南。 Conventions ......................................................................................................................... 9 Scoring Information ........................................................................................................................................ 9 Profile Definitions ......................................................................................................................................... 10 Acknowledgements ...................................................................................................................................... 11 Recommendations ............................................................................................................................................. 12 1 Host Configuration .................................................................................................................................... 12 1.1 Ensure a separate partition for containers has been created (Scored) .................. 12 1.2 Ensure the container host has been Hardened (Not Scored) ...................................... 14 1.3 Ensure Docker is up to date (Not Scored) .......................................................................... 16 1.4 Ensure only trusted users are allowed to control Docker daemon (Scored) ........ 18 1.5 Ensure auditing is configured for the docker daemon (Scored) ................................ 20 1.6 Ensure auditing is configured for Docker files and directories - /var/lib/docker (Scored) ................................................................................................................................................... 22 1.7 Ensure auditing is configured for Docker files and directories - /etc/docker (Scored) ................................................................................................................................................... 24 1.8 Ensure auditing is configured for Docker files and directories - docker.service (Scored) ................................................................................................................................................... 26 1.9 Ensure auditing is configured for Docker files and directories - docker.socket (Scored) ................................................................................................................................................... 28 1.10 Ensure auditing is configured for Docker files and directories - /etc/default/docker (Scored) ......................................................................................................... 30 1.11 Ensure auditing is configured for Docker files and directories - /etc/docker/daemon.json (Scored) ............................................................................................. 32 1.12 Ensure auditing is configured for Docker files and directories - /usr/bin/docker-containerd (Scored) ........................................................................................ 34