GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-19 00:32:34 +01:00
Code Issues Projects Releases Packages Wiki Activity
581 commits 3 branches 11 tags 4.9 MiB
Commit graph

581 commits

This branch
This branch
All branches
Author SHA1 Message Date
Thomas Sjögren
2e6b7ec653
Merge pull request #367 from konstruktoid/ISSUE362c 
accept only if ADD in / #362
 2019-03-19 13:55:10 +00:00
Thomas Sjögren
740439d352 accept only if ADD in / #362 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2019-03-19 14:54:38 +01:00
Thomas Sjögren
5370aef248
Merge pull request #366 from konstruktoid/ISSUE362b 
exclude first ADD since its most often the base #362
 2019-03-19 13:28:01 +00:00
Thomas Sjögren
cec124a162 exclude first ADD since its most often the base #362 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2019-03-19 14:27:02 +01:00
Thomas Sjögren
f01acac650
Merge pull request #364 from konstruktoid/ISSUE362 
INFO shouldnt increase score #362
 2019-03-14 11:13:22 +00:00
Thomas Sjögren
d942b12e0a INFO shouldnt increase score #362 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2019-03-14 10:32:39 +01:00
Thomas Sjögren
b802f55f1a
Merge pull request #361 from ekho/bugfix/check_2_9 
Fixed check 2.9
 2019-03-12 15:20:40 +00:00
Boris Gorbylev
689a5a62c5
Fixed check 2.9 
Signed-off-by: Boris Gorbylev <ekho@ekho.name>
 2019-02-21 19:15:38 +03:00
Thomas Sjögren
f8be7239e5
Merge pull request #360 from konstruktoid/ISSUE358 
catch root with uid and name as well #358 CVE-2019-5736
 2019-02-13 15:00:46 +01:00
Thomas Sjögren
7e3ecaf17d catch root with uid and name as well #358 CVE-2019-5736 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2019-02-13 14:58:34 +01:00
Thomas Sjögren
6d5b15788a
Merge pull request #357 from konstruktoid/ISSUE356 
4.9 resulttestjson "INFO" #356
 2019-01-24 16:47:35 +01:00
Thomas Sjögren
a911c23915 4.9 resulttestjson "INFO" #356 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2019-01-24 16:46:51 +01:00
Thomas Sjögren
2fb15f4b6d
Merge pull request #353 from kakakakakku/improve-readme 
Updated README.md / Added -t option
 2019-01-17 15:24:00 +01:00
kakakakakku
c560b044e4 Updated README.md 
Signed-off-by: Yoshiaki Yoshida <y.yoshida22@gmail.com>
 2019-01-17 21:04:46 +09:00
Thomas Sjögren
b1bbe07902
Merge pull request #352 from anthony-roger/master 
feat: add target -t option to run checks for specifics images
 2019-01-15 09:24:13 +01:00
Anthony Roger
1dd7956760 feat: add the ability to select the images to be check from registry in order to integrate in ci 
Signed-off-by: Anthony Roger <aroger@softwaymedical.fr>
 2018-12-11 14:39:16 +01:00
Thomas Sjögren
cc6b16d8a7
Merge pull request #349 from konstruktoid/ISSUE286 
exclude docker-bench-security container #286
 2018-11-23 10:51:12 +01:00
Thomas Sjögren
9d9da6d375 exclude docker-bench-security container #286 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-11-23 10:50:34 +01:00
Thomas Sjögren
a7a24a8d7f
Merge pull request #347 from telepresencebot2/master 
fix test 7.4 using 5.25 as a model
 2018-11-15 08:56:45 +01:00
telepresencebot2
4bf876296a fix test 7.4 using 5.25 as a model 
Signed-off-by: Taylor Lucy <talucy@franklinamerican.com>
 2018-11-14 14:30:51 -06:00
Thomas Sjögren
7088b21f02
Merge pull request #345 from boblington/issue-344 
Fix missing check_7_4
 2018-11-12 09:58:22 +01:00
Thomas Sjögren
3887a4095d
Merge pull request #343 from boblington/master 
fix bugs in -e option
 2018-11-12 09:55:55 +01:00
Cheng-Li Jerry Ma
a46b6500af Fix missing check_7_4 
Signed-off-by: Cheng-Li Jerry Ma <chengli.ma@gmail.com>
 2018-11-09 09:47:41 -07:00
Cheng-Li Jerry Ma
304094cbb2 Fix -e option totalChecks and currentScore always 0 
Signed-off-by: Cheng-Li Jerry Ma <chengli.ma@gmail.com>
 2018-11-08 15:35:20 -07:00
Cheng-Li Jerry Ma
37ccf4dbcf Fix -e option last entry is not excluded in docker 
Signed-off-by: Cheng-Li Jerry Ma <chengli.ma@gmail.com>
 2018-11-08 15:34:55 -07:00
Cheng-Li Jerry Ma
db8a8c0d96 Fix -e option always skipping check_1, check_2, check_3 and ... 
this also caused the output json to be malformed without proper grouping/nesting

Signed-off-by: Cheng-Li Jerry Ma <chengli.ma@gmail.com>
 2018-11-08 15:33:23 -07:00
Thomas Sjögren
a9caef9eb6
Merge pull request #339 from ellerbrock/master 
Update Alpine Linux to Version 3.8 (latest)
 2018-11-07 11:40:15 +01:00
Maik Ellerbrock
af334986e1
build(update alpine linux to version 3.8): 
Signed-off-by: Maik Ellerbrock <opensource@frapsoft.com>
 2018-11-07 10:20:45 +01:00
Thomas Sjögren
bcd1c22845
Merge pull request #338 from konstruktoid/lint 
Lint
 2018-11-01 11:07:34 +01:00
Thomas Sjögren
75c8f3d2da cleanup 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-11-01 11:05:52 +01:00
Thomas Sjögren
391e09f76a linting 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-11-01 10:24:36 +01:00
Thomas Sjögren
4725582a0c
Merge pull request #337 from konstruktoid/issue321 
load dependencies in correct order
 2018-10-25 12:06:52 +02:00
Thomas Sjögren
eb9ea59fe5 load dependencies in correct order 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-10-25 12:05:48 +02:00
Thomas Sjögren
d45081bd1a
Merge pull request #336 from konstruktoid/issue321 
Issue321
 2018-10-25 11:42:27 +02:00
Thomas Sjögren
1647e47976 update README 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-10-25 11:39:35 +02:00
Thomas Sjögren
2cbfd83f53 add nocolor option #321 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-10-25 11:34:14 +02:00
Thomas Sjögren
9dd2fa5ce0
Merge pull request #335 from konstruktoid/issue330 
sed option extravaganza #330
 2018-10-25 08:48:07 +02:00
Thomas Sjögren
e84e9e52e0
Merge pull request #333 from konstruktoid/issue332 
use mountpoint and DockerRootDir #332
 2018-10-25 08:47:42 +02:00
Thomas Sjögren
6789403599
Merge pull request #328 from konstruktoid/issue286 
add include option #286
 2018-10-25 08:47:04 +02:00
Thomas Sjögren
afa289d9b7 sed option extravaganza #330 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-10-24 10:01:27 +02:00
Thomas Sjögren
d5b900ce05 use mountpoint and DockerRootDir #332 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-10-23 15:26:41 +02:00
Thomas Sjögren
1721253616
Merge pull request #331 from konstruktoid/issue330 
update README #330
 2018-10-23 12:17:42 +02:00
Thomas Sjögren
704471c52d update README #330 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-10-23 12:16:55 +02:00
Thomas Sjögren
36b73c4398 add include option #286 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-10-15 16:21:00 +02:00
Thomas Sjögren
9ca5b8b2e1
Merge pull request #314 from draios/master 
Improve docker-bench-security json output
 2018-10-12 12:27:20 +02:00
Mark Stemm
ec7d8ce690 Improve docker-bench-security json output 
Add a test object for each test performed by the script. Each object has
an id N.M, a desc property describing the test, and the result. Some
tests include additional information about the test e.g. "No TLS
Certificate Found". That can be found in an optional details property of
the test object.

Also, some tests might also return a list of containers, images, users,
etc. This is included in an optional items property of the test object.

Instead of having all test results as top-level objects, break the test
results into sections. Each section has an id + description e.g. "1" and
"Host Configuration". The tests for that section are an array below that
object.

All of the additional json output is implemented by adding new functions
startsectionjson(), endsectionjson(), starttestjson(), and
resulttestjson() that take the id/desc/etc as arguments and print the
proper json properties. It also required adding an "end" test to each
script that calls endsectionjson().

Signed-off-by: Mark Stemm <mark.stemm@gmail.com>
 2018-10-11 13:39:55 -07:00
Thomas Sjögren
bbf43c88e1
Merge pull request #326 from konstruktoid/issu325 
ref #325 daemon.json permissions
 2018-09-27 09:51:02 +02:00
Thomas Sjögren
773625a894 ref #325 daemon.json permissions 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2018-09-27 09:49:32 +02:00
Thomas Sjögren
feced0f6b2
Merge pull request #313 from nbrownuk/issue295-fix-tls-config-check 
Fixes incorrect reporting of TLS configuration in test 2.6
 2018-08-08 11:58:47 +02:00
Thomas Sjögren
dbe0ada203
Merge pull request #322 from konstruktoid/ISSUE316 
dont decrease 5.29 #316
 2018-08-06 09:51:42 +02:00