GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-18 16:22:33 +01:00
Code Issues Projects Releases Packages Wiki Activity
898 commits 3 branches 11 tags 4.9 MiB
Commit graph

898 commits

This branch
This branch
All branches
Author SHA1 Message Date
Thomas Sjögren
0df4448fb8 Merge pull request #49 from konstruktoid/apk_update 
keep the image up-to-date
 2015-06-23 21:36:28 +02:00
Thomas Sjögren
641bf4e864 keep the image up-to-date 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-23 21:32:35 +02:00
Thomas Sjögren
88566a8f9f Merge pull request #44 from konstruktoid/shellcheck 
shellcheck fixes
 2015-06-23 21:20:50 +02:00
Thomas Sjögren
553e2d7c30 Merge remote-tracking branch 'origin/master' into shellcheck 
* origin/master:
  actually catch ssh
  update do_version_check

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

Conflicts:
	tests/1_host_configuration.sh
	tests/5_container_runtime.sh
 2015-06-23 21:17:41 +02:00
Thomas Sjögren
10efc9ee61 Merge pull request #45 from konstruktoid/version_count 
update do_version_check and 5.7
 2015-06-23 21:05:16 +02:00
Thomas Sjögren
2907078fd2 actually catch ssh 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-21 23:11:23 +02:00
Thomas Sjögren
ef8ff4a9f3 update do_version_check 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-21 23:11:02 +02:00
Thomas Sjögren
b5c571df18 shellcheck fixes 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-21 23:03:34 +02:00
Thomas Sjögren
62a903246c Merge pull request #43 from konstruktoid/contrib_b 
tests tree
 2015-06-21 22:08:19 +02:00
Thomas Sjögren
072df180aa tests tree 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-21 22:07:07 +02:00
Thomas Sjögren
edf0646330 Merge pull request #40 from liron-l/master 
Fix CIS 5.8 - Reverse container port and reduce privileged port to 1024
 2015-06-21 21:45:01 +02:00
Liron Levin
ddc7553e7a Merge branch 'master' of github.com:liron-l/docker-bench-security 
Signed-off-by: Liron Levin <liron@twistlock.com>
 2015-06-21 07:26:39 +03:00
Liron Levin
b2093036df Fix CIS 5.8 - Reverse container port and reduce privileged port to 1024 
-- According to CIS, 5.8 apply to priviliged port on the host not on the
container:
`processes are not allowed to use them for various security reasons.
Docker allows a
container port to be mapped to a privileged port.`
-- Also privileged port should be less than 1024 inclusive

Signed-off-by: liron-l <levinlir@gmail.com>
Signed-off-by: Liron Levin <liron@twistlock.com>
 2015-06-21 07:25:24 +03:00
liron-l
0602870be5 Fix CIS 5.8 - Reverse container port and reduce privileged port to 1024 
-- According to CIS, 5.8 apply to priviliged port on the host not on the
container:
`processes are not allowed to use them for various security reasons.
Docker allows a
container port to be mapped to a privileged port.`
-- Also privileged port should be less than 1024 inclusive

Signed-off-by: liron-l <levinlir@gmail.com>
 2015-06-21 07:19:28 +03:00
Thomas Sjögren
b8afe35a5b Merge pull request #42 from konstruktoid/contrib 
CONTRIBUTING.md
 2015-06-19 23:55:05 +02:00
Thomas Sjögren
b808610b45 simplify dir tree 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-19 23:52:01 +02:00
Thomas Sjögren
0b32b8aa22 codecheck w shellcheck, checkbashisms 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-19 23:47:27 +02:00
Thomas Sjögren
3d2565742a same build instructions everywhere 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-19 23:46:43 +02:00
Thomas Sjögren
2a0241d839 Merge pull request #41 from konstruktoid/exclude_container 
consistent labeling
 2015-06-19 23:34:36 +02:00
Thomas Sjögren
2dbfdd112f consistent labeling 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-19 23:31:44 +02:00
Thomas Sjögren
d9bb6ce936 Merge pull request #39 from konstruktoid/issue_31 
Change from ls to stat, fix permissions
 2015-06-19 22:48:32 +02:00
Thomas Sjögren
1e0ef4cf97 crt dir and permissions 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-18 00:32:20 +02:00
Thomas Sjögren
0c61ddb6dd from ls to stat 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-17 23:52:53 +02:00
Thomas Sjögren
3059cef2c3 444 is read-only 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-17 23:52:23 +02:00
Thomas Sjögren
70b8d33cef replace ls with stat when checking owner and perms 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-17 23:25:01 +02:00
Thomas Sjögren
820bb581b7 add stat. reorder 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-17 23:23:59 +02:00
Diogo Mónica
23a74b5bd0 Fixing local running of container in README 2015-06-17 11:25:52 -07:00
Diogo Mónica
e8c3571a84 Fixed Examples 2015-06-16 17:21:54 -07:00
Thomas Sjögren
158c5cf1ac Merge pull request #36 from konstruktoid/issue_33 
catch all -H, not only tcp://
 2015-06-15 23:34:23 +02:00
Thomas Sjögren
20db7d8a4d catch all -H, not only tcp:// 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-15 23:04:02 +02:00
Thomas Sjögren
49070a4af1 Merge pull request #35 from konstruktoid/cap_audit 
add cap_audit_control for auditctl to work
 2015-06-15 22:19:41 +02:00
Thomas Sjögren
cf7b13d5ba add cap_audit_control for auditctl to work 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-15 22:15:24 +02:00
Thomas Sjögren
af47962bc8 Merge pull request #26 from konstruktoid/issue_25 
Issue #25, dont warn if file is missing and add /var/lib
 2015-06-15 22:03:46 +02:00
Thomas Sjögren
eca8471c71 Merge branch 'master' of github.com:konstruktoid/docker-bench-security into issue_25 
* 'master' of github.com:konstruktoid/docker-bench-security:
  Fix test 5.14 to not always pass when multiple ports are published.
  change to docker repository
  make readme codeblocks prettier
  Add first version of CONTRIBUTING.md
  Issue #24, remove -U, -u
  use official alpine image as the base
  Make the main script an executable for if I want to run it on my host

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

Conflicts:
	README.md
 2015-06-15 22:01:48 +02:00
Diogo Mónica
0cbb99d1f1 Merge pull request #34 from CtrlZvi/5.14_multiport_support 
Fix test 5.14 to not always pass when multiple ports are published.
 2015-06-15 11:44:55 -07:00
Zvi "Viz" Effron
3616f15cba Fix test 5.14 to not always pass when multiple ports are published. 
Signed-off-by: Zvi "Viz" Effron <zeffron@riotgames.com>
 2015-06-15 11:26:13 -07:00
Diogo Mónica
0e7967e9b0 Merge pull request #32 from konstruktoid/docker_pull 
change to docker repository
 2015-06-14 14:56:06 -07:00
Thomas Sjögren
41a0f63013 change to docker repository 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-14 23:54:15 +02:00
Thomas Sjögren
5c3c36c5ca New README 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-14 23:03:11 +02:00
Diogo Mónica
f3f5636ac9 Merge pull request #30 from docker/add-contributing 
Add first version of CONTRIBUTING.md
 2015-06-12 15:53:09 -07:00
Diogo Mónica
00b2c55589 Merge pull request #29 from jfrazelle/make-readme-codeblocks-prettier 
make readme codeblocks prettier
 2015-06-11 16:56:00 -07:00
Jessica Frazelle
de92a18648 make readme codeblocks prettier 
Signed-off-by: Jessica Frazelle <princess@docker.com>
 2015-06-11 16:54:23 -07:00
Diogo Monica
ebcbf9a231 Add first version of CONTRIBUTING.md 2015-06-11 16:26:49 -07:00
Thomas Sjögren
f4ee80ba3e add -v /var/lib:/var/lib 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-11 21:37:44 +02:00
Diogo Mónica
67711b52d3 Merge pull request #27 from konstruktoid/issue_24 
Issue #24, remove -U, -u
 2015-06-10 18:29:29 -07:00
Diogo Mónica
eed841c201 Merge pull request #23 from jfrazelle/make-executable 
Make the main script an executable for if I want to run it on my host
 2015-06-10 18:25:33 -07:00
Thomas Sjögren
2d25ddbcaf Issue #24, remove -U, -u 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-11 02:35:54 +02:00
Thomas Sjögren
56a7cb8779 Issue #25, dont warn if file is missing 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2015-06-11 02:17:14 +02:00
Jessica Frazelle
b24a9d15b9 use official alpine image as the base 
Signed-off-by: Jessica Frazelle <princess@docker.com>
 2015-06-09 00:11:03 -07:00
Jessica Frazelle
0231a7f5de Make the main script an executable for if I want to run it on my host 
Fix image sprawl to work

Fix port range

Signed-off-by: Jessica Frazelle <princess@docker.com>
 2015-06-09 00:10:44 -07:00