Workload misconfigurations

Ensure containers are restricted from acquiring new privileges (Automated)

Risk Level

Informational (4)

Platform(s)
  • N/A

Compliance Frameworks

Description

By default, containers should be restricted from acquiring additional privileges through suid or sgid binaries.
Recommended Mitigation

You should run the Docker daemon as follows: 'dockerd --no-new-privileges'
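
One way to audit this setting, as an added example that is not part of the original check or of Docker's own tooling: the Python below evaluates a dockerd argument list and, as an assumption beyond what this page states, the `no-new-privileges` key in daemon.json, which is the configuration-file form of the same flag. Function names and the sample inputs are constructed for illustration.

```python
import json

# Boolean spellings accepted by Go's strconv.ParseBool, which dockerd flags use.
_TRUE = {"1", "t", "T", "true", "TRUE", "True"}
_FALSE = {"0", "f", "F", "false", "FALSE", "False"}
FLAG = "--no-new-privileges"
KEY = "no-new-privileges"  # daemon.json key (assumption: not named on this page)


def flag_state(argv):
    """Return True/False if the flag is on the command line, None if absent."""
    state = None
    for arg in argv:
        if arg == FLAG:
            state = True  # bare boolean flag means "true"
        elif arg.startswith(FLAG + "="):
            value = arg.split("=", 1)[1]
            if value not in _TRUE | _FALSE:
                raise ValueError(f"unparseable boolean: {arg!r}")
            state = value in _TRUE  # a later occurrence overrides an earlier one
    return state


def config_state(daemon_json_text):
    """Return the daemon.json setting, or None if the file or key is absent."""
    if not daemon_json_text or not daemon_json_text.strip():
        return None
    data = json.loads(daemon_json_text)
    if not isinstance(data, dict):
        raise ValueError("daemon.json must contain a JSON object")
    value = data.get(KEY)
    if value is not None and not isinstance(value, bool):
        raise ValueError(f"{KEY} must be a JSON boolean, got {value!r}")
    return value


def audit(argv, daemon_json_text=""):
    """Pass only if the restriction is explicitly enabled and nowhere disabled."""
    states = [s for s in (flag_state(argv), config_state(daemon_json_text))
              if s is not None]
    return bool(states) and all(states)


if __name__ == "__main__":
    # Constructed sample inputs, not taken from a real host.
    print(audit(["dockerd", "--no-new-privileges"]))
    print(audit(["dockerd"], '{"no-new-privileges": false}'))
```

The check treats an absent setting as a failure, since the restriction only applies daemon-wide when it is explicitly enabled.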