How To Quickly Run a Basic Security Audit Against Docker & Secure the Docker Daemon

How To Quickly Run a Basic Security Audit Against Docker & Secure the Docker Daemon

by Eliza May Austin



Basic Install

sudo apt install docker.io
sudo systemctl start docker
sudo systemctl enable docker
sudo apt install git -y
git clone https://github.com/docker/docker-bench-security.git
cd docker-bench-security/
sudo ./docker-bench-security.sh


Securing the Docker Daemon

sudo ./docker-bench-security.sh -c docker_daemon_configuration


sudo docker container run -it --name elizascontainer alpine sh


sudo docker container top elizascontainer -eo user,pid,comm


cd ../../../sudo nano /etc/docker/daemon.json

{
"userns-remap": "default"
}

sudo service docker restart


sudo ./docker-bench-security.sh -c docker_daemon_configuration



Free Resources for Docker Security


Eliza May Austin is the CEO & Co-Founder at th4ts3cur1ty.company. Eliza is also the Founder and Director of Ladies of London Hacking Society.


The article has been originally published at: https://medium.com/better-programming/how-to-quickly-run-a-basic-security-audit-against-docker-secure-the-docker-daemon-cdf1d8e4cd


August 16, 2019

Leave a Reply

avatar

This site uses Akismet to reduce spam. Learn how your comment data is processed.

  Subscribe  
Notify of

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2013