0307-docker-socket-priv: docker.socket file permissions are not set to 644 or more restrictive


Rule ID

  • 0307-docker-socket-priv

Category

  • Container

Level

  • Warn

Compatible Versions

  • Linux

Description

  • If Docker is used on a computer that manages services with systemd, verify that the ownership and group ownership of the 'docker.socket' file are correctly set to 'root'.

Scan Frequency

  • 0 */30 * * *

Theoretical Basis

  • The docker.socket file contains sensitive parameters that may alter the behavior of the Docker remote API. Therefore, it should only be writable by root to maintain the integrity of the file.

Risk Items

  • Container Security

Audit Method

  • Execute the following command to verify that the file permissions are correctly set to "644" or more restrictive:

    #> stat -c %a /usr/lib/systemd/system/docker.socket

    The above command should return no output.
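
One way to evaluate the mode that `stat -c %a` reports against "644 or more restrictive", shown as an added example that is not part of the original rule. The function names `mode_within_644` and `audit_unit_mode` and the PASS/WARN/N/A verdict lines are assumptions; the file path and the `stat` call come from the rule text.

```shell
#!/bin/sh
# Added example (not part of the rule). "644 or more restrictive" is a bitmask
# test: mode 620 is numerically below 644 yet leaves the file group-writable.

# mode_within_644 MODE: 0 if MODE grants no bit outside rw-r--r--,
# 1 if it does, 2 if MODE is not an octal string.
mode_within_644() {
    case $1 in
        '' | *[!0-7]*) return 2 ;;
    esac
    # The leading 0 makes the shell read the digits as octal. Group/other
    # write, any execute bit, and setuid/setgid/sticky must all be clear.
    [ $(( 0$1 & ~0644 & 07777 )) -eq 0 ]
}

# audit_unit_mode [PATH]: prints one verdict line.
# Returns 0 on pass or when the file is absent (rule does not apply),
# 1 when the mode is too permissive, 2 when the mode cannot be read.
audit_unit_mode() {
    unit=${1:-/usr/lib/systemd/system/docker.socket}  # default: path from the rule
    if [ ! -e "$unit" ]; then
        echo "N/A  $unit: file not present"
        return 0
    fi
    mode=$(stat -c %a "$unit") || return 2
    if mode_within_644 "$mode"; then
        echo "PASS $unit: mode $mode"
    else
        echo "WARN $unit: mode $mode, expected 644 or more restrictive"
        return 1
    fi
}

# Constructed sample modes, no file access: only 644 and 600 are accepted.
for m in 644 600 620 664 4644; do
    if mode_within_644 "$m"; then echo "$m ok"; else echo "$m too permissive"; fi
done
```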

Remediation

  • Execute the following command:
    #> chmod 644 /usr/lib/systemd/system/docker.socket
    
    This will set the file permissions of this file to "644".

Impact

  • None

Default Value

  • This file may not exist on the system. In this case, this recommendation does not apply. By default, if the file exists, the file permissions for this file will be correctly set to '644'.

References

CIS Controls

  • None
