Control: 3.18 Ensure that daemon.json file permissions are set to 644 or more restrictive
You should verify that if the
daemon.json is present its file permissions are correctly set
644 or more restrictively.
daemon.json file contains sensitive parameters that may alter the behavior of the
docker daemon. Therefore it should be writeable only by
root to ensure it is not
modified by less privileged users.
daemon.json file is present, you should execute the command below:
chmod 644 /etc/docker/daemon.json
This sets the file permissions for this file to
This file may not be present on the system, and in that case, this recommendation is not applicable.
Run the control in your terminal:
steampipe check docker_compliance.control.cis_v160_3_18
Snapshot and share results via Steampipe Cloud:
steampipe loginsteampipe check --share docker_compliance.control.cis_v160_3_18
This control uses a named query:exec_permissions_644_daemon_json