Control: 5.32 Ensure that the Docker socket is not mounted inside any containers
The Docker socket docker.sock should not be mounted inside a container.
If the Docker socket is mounted inside a container, it could allow processes running within the container to execute Docker commands, which would effectively allow full control of the host.
You should ensure that no containers mount docker.sock as a volume.
docker.sock is not mounted inside containers.
Run the control in your terminal:
steampipe check docker_compliance.control.cis_v160_5_32
Snapshot and share results via Steampipe Cloud:
steampipe login
steampipe check --share docker_compliance.control.cis_v160_5_32
This control uses a named query: exec_docker_socket_not_mounted_inside_containers
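The same condition can be checked directly against `docker inspect` output, without Steampipe. The Python script below is an added example, not the query this control uses; the sample data is constructed, and flagging bind mounts of the socket's parent directory (`/var/run`, `/run`) is an assumption that goes beyond the control's wording.

```python
import json
import posixpath
import sys

# Assumption: a bind mount of the socket's parent directory is flagged too,
# because it exposes the socket file just as a direct mount does.
SOCKET_DIRS = {"/var/run", "/run"}


def socket_mounts(container):
    """Return the mounts of one `docker inspect` object that expose the socket."""
    hits = []
    for m in container.get("Mounts") or []:
        src = posixpath.normpath(m.get("Source") or "")
        if posixpath.basename(src) == "docker.sock":
            kind = "socket"
        elif src in SOCKET_DIRS:
            kind = "parent-dir"
        else:
            continue
        hits.append({"kind": kind, "source": src, "rw": bool(m.get("RW")),
                     "destination": m.get("Destination", "")})
    return hits


def audit(inspect_json):
    """Map container name -> offending mounts for a `docker inspect` JSON array."""
    report = {}
    for c in json.loads(inspect_json):
        hits = socket_mounts(c)
        if hits:
            report[c.get("Name", c.get("Id", "?")).lstrip("/")] = hits
    return report

# Constructed sample, trimmed to the fields read above.
SAMPLE = json.dumps([
    {"Id": "aaa111", "Name": "/web", "Mounts": [
        {"Source": "/var/lib/docker/volumes/data/_data", "Destination": "/data", "RW": True}]},
    {"Id": "bbb222", "Name": "/ci-agent", "Mounts": [
        {"Source": "/var/run/docker.sock", "Destination": "/var/run/docker.sock", "RW": True}]},
    {"Id": "ccc333", "Name": "/monitor", "Mounts": [
        {"Source": "/run", "Destination": "/host/run", "RW": False}]},
])

if __name__ == "__main__":
    data = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for name, hits in audit(data).items():
        for h in hits:
            print(f"FAIL {name}: {h['source']} -> {h['destination']} ({h['kind']}, rw={h['rw']})")
```

To audit a live host, pipe `docker ps -aq | xargs docker inspect` into the script; run on a terminal with no input, it uses the constructed sample. The `rw` field is informational only, since a read-only bind mount of a Unix socket still accepts connections.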