docker/docker-bench-security

Issues

• check_2_3 doesnt appear to account for log-level default value

  #552 opened 16 days ago by spedersen-emailage
  11

• jq error

  #551 opened 2 months ago by suljov
  3

• get_service_file unable to find containerd.sock

  #548 opened 2 months ago by spedersen-emailage
  9

• Exit Code Control, and Output Format Options

  #482 opened 2 years ago by AErmie
  13

• check 5_14 maximum attempts or maximum retry should be <= 5.

  #538 opened 4 months ago by codefrogs
  3

• Sed error when specifying checks to include and exclude when runnning on a Mac

  #503 opened 5 months ago by gavinmporter
  1

• 404: functions_lib.sh link is invalid

  #507 opened 5 months ago by Wenzel
  1

• Docker Benchmark support v1.4.x / v1.5.x

  #512 opened 5 months ago by ktsowes
  17

• False positives for 2.5 (ensure no insecure registries)

  #529 opened 5 months ago by pgatilov
  5

• Docker 1.6.0 is the latest version

  #534 opened 5 months ago by anubhav1992
  2

• Definition of the assessment status

  #545 opened 6 months ago by saikumark
  1

• Docker daemon socket security

  #544 opened 6 months ago by Nethaji-nethu
  1

• Check 5.14 should not check for container MaximumRetryCount

  #542 opened 6 months ago by jscheytt
  4

• when jq output is equal "null", is not handled well and checks return a wrong PASS. Also, when jq is not available, cat does not handle well complex values like for example 'default-ulimits'

  #537 opened 7 months ago by halfluke
  9

• Is it possible to add containers/images filter by LABEL

  #530 opened 9 months ago by lekpamartin
  3

• Ensure image sprawl is avoided miscalculation

  #532 opened 9 months ago by halfluke
  1

• Update required programs check to use tr command instead of truncate command

  #527 opened a year ago by manojrkrish
  3

• Bug in get_docker_configuration_file_args() causes false positives

  #524 opened a year ago by brsolomon-deloitte
  3

• 1

  #523 opened a year ago by Jones7778
  0

• [false positive] MaximumRetryCount is not set to 5:

  #521 opened a year ago by andreagalle
  6

• rootless

  #505 opened 2 years ago by xoroz
  3

• Your utility doesn't correctly recognize the CPU limit (NanoCpus)

  #510 opened a year ago by melroy89
  6

• Feature request: TAP output files

  #509 opened a year ago by knaapjvd
  3

• Ubuntu does not use /etc/sysconfig/docker for its service config - checks 3.20 and 3.21

  #502 opened 2 years ago by scottbrunza
  4

• 2.7 false positive when log_opt set

  #498 opened 2 years ago by dhrapson
  5

• Support Number of Checks / Score By Group

  #486 opened 2 years ago by AErmie
  4

• Error at 1.1.14-1.1.18, Audit rule applied but still mentioned not applied

  #484 opened 2 years ago by Styleeeeez
  6

• Can't seem to capture the output in a log file

  #483 opened 2 years ago by poencho
  7

• Docker-bench-security check 2.2 icc issue

  #480 opened 3 years ago by fbinliu
  15

• Autodetect host configuration

  #479 opened 2 years ago by thediveo
  2

• Docker benchmark security on containers running on Fargate

  #468 opened 2 years ago by sudhir05
  2

• docker.service file permission is 640 but it is still giving a WARN notification

  #459 opened 2 years ago by adespain
  6

• How do I convert the output of the log into JSON format

  #458 opened 2 years ago
  2

• Running docker-bench-security under WSL1

  #446 opened 4 years ago by sbutt
  7

• Docker daemon no-new-privileges: true seems to not work

  #492 opened 2 years ago by archfz
  7

• Incorrect JSON log for items that contains open and close bracket characters

  #490 opened 3 years ago by gookey12
  1

• Running docker bench with Docker daemon listen on a specific IP and port

  #447 opened 3 years ago by ppratheesh
  4

• 1.2.1 is listed as 1.1 in the results, and userns-remap causes 1.2.1 to fail.

  #462 opened 3 years ago by adespain
  5

• Invalid check for socket existence

  #477 opened 3 years ago by drmaciej
  2

• bash not available within Alpine:3.13

  #473 opened 3 years ago by denhamparry
  0

• Run failed on MacOS(Big Sur 11.4) with /etc/hostname: operation not permitted: unknown

  #472 opened 3 years ago by oslook
  1

• "[dumb-init] docker-bench-security.sh: No such file or directory" on Windows 10 when trying to build locally

  #470 opened 3 years ago by pxds
  2

• Test 1.8 is WARN on docker.service, but auditing is enabled.

  #465 opened 3 years ago by paulhargreaves
  4

• -it options in recommended run commands for prebuilt container

  #452 opened 3 years ago by dylanzt
  3

• excluding group not working

  #453 opened 4 years ago by Constantin07
  6

• Test 4.6 does not always output affected images

  #450 opened 4 years ago by scenthound
  5

• ARM64

  #443 opened 4 years ago by matonb
  1

• In K8S, every container is loaded with a pause container, and there are no limits on the resource limits that docker CIS checks for pause. For this, I would like to ask whether to limit the resource of the pause container？

  #442 opened 4 years ago
  9

• [WARN] 4.1 - Ensure a user for the container has been created

  #437 opened 4 years ago by yaminisridaran
  26

• Hello, the author of Docker-bench-Secruity, the script that runs is currently 1.3.5, while the script that starts with Docker run is 1.3.4. Should this image be updated

  #441 opened 4 years ago
  12