aquasecurity/docker-bench

If I fix 1.1.8 according remediation,both of 1.1.8 and 1.1.4 will PASS

y4ney opened this issue a year ago · 0 comments

y4ney commented a year ago

If I execute the remediation in 1.1.8 of cis-1.3.1 which is auditing containerd.sock ,the check 1.1.4 will also pass. Because the path of containerd.sock contains the /run/containerd

-w /run/containerd/containerd.sock -k docker

As for check 1.1.4, if audit rule contains the directory /run/containerd,It will PASS

auditctl -l | grep /run/containerd

But in fact, I did not audit the directory /run/containerd