Workload misconfigurations

Ensure that the Containerd socket file ownership is set to root:root (Automated)

Risk Level

Informational (4)

  • N/A

Compliance Frameworks


You should verify that the Containerd socket file is owned by root and group owned by root.
  • Recommended Mitigation

    You should execute the following command: chown root:root /run/containerd/containerd.sock. This sets the ownership to root and group ownership to root for the default Containerd socket file.