GuillaumeHemmen/docker-bench-security
1
0
Fork 0
mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-19 00:32:34 +01:00
Code Issues Projects Releases Packages Wiki Activity
603 commits 3 branches 11 tags 4.9 MiB
Commit graph

603 commits

This branch
This branch
All branches
Author SHA1 Message Date
Thomas Sjögren
0be551b31f Merge pull request #243 from konstruktoid/missing_audit 
supress grep is auditd rules is missing
 2017-04-21 14:24:45 +02:00
Thomas Sjögren
986aaa67fb supress grep is auditd rules is missing 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-04-21 14:24:02 +02:00
Thomas Sjögren
7e6ac47467 Merge pull request #242 from konstruktoid/issue_241 
.Server.Experimental pre-1.13
 2017-04-21 13:53:10 +02:00
Thomas Sjögren
5d9101cfc2 .Server.Experimental pre-1.13 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-04-21 13:51:09 +02:00
Thomas Sjögren
fb28d00c02 Merge pull request #238 from konstruktoid/tls_test 
test tls get_docker_configuration_file_args
 2017-03-23 15:29:48 +01:00
Thomas Sjögren
17ee45ba94 test tls get_docker_configuration_file_args 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-23 15:28:06 +01:00
Thomas Sjögren
6bafeb5386 Merge pull request #237 from konstruktoid/version 
bump to 1.3.2
 2017-03-23 11:40:06 +01:00
Thomas Sjögren
a3dd83a529 bump to 1.3.2 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-23 11:37:15 +01:00
Thomas Sjögren
48b210dcfb Merge pull request #236 from konstruktoid/notes 
add note tag on informational checks
 2017-03-23 11:32:08 +01:00
Thomas Sjögren
a97bdfbe0d add note tag on informal checks 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-23 11:29:58 +01:00
Thomas Sjögren
3ba6138958 Merge pull request #234 from konstruktoid/configuration_file_args 
Modify get_docker_configuration_file_args
 2017-03-23 11:11:14 +01:00
Thomas Sjögren
6105ff6641 use stat when checking permissions 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-22 15:23:04 +01:00
Thomas Sjögren
754e0ed02b tlsverify implies tls 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-21 16:17:08 +01:00
Thomas Sjögren
91e625b8e4 Modify get_docker_configuration_file_args in order to handle daemon.json better, 
and also address missing files issue.

Closes #231
Closes #232

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-21 14:49:42 +01:00
Thomas Sjögren
d5894203c6 Merge pull request #233 from LorensK/patch-1 
Minor clarification
 2017-03-13 14:44:29 +01:00
LorensK
e1fcdb8c3d Minor clarification 
i spent too many seconds pondering whether non-systemd OSs are supported. Using "might" instead of "may" removes the ambiguity.

Signed-off-by: Lorens Kockum <LorensK@users.noreply.github.com>
 2017-03-13 12:41:09 +01:00
Thomas Sjögren
8d1174d569 Merge pull request #228 from konstruktoid/versioning 
new version
 2017-03-02 13:29:42 +01:00
Thomas Sjögren
bbdfa0015e new versioning 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-03-02 13:29:01 +01:00
Thomas Sjögren
260a3a76f1 Merge pull request #225 from andreasstieger/netstat 
2.17: correct netstat usage and filtering
 2017-02-24 13:26:48 +01:00
Andreas Stieger
c30a43c1fd 2.17: account for :::2377 netstat output 
Fixes #224 - no. 4

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2017-02-24 13:24:02 +01:00
Andreas Stieger
421c6dd866 2.17: may incorrectly match 5 digit port numbers 
Fixes #224 - no. 3

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2017-02-24 13:23:57 +01:00
Andreas Stieger
7c66b6373a 2.17: grep -e recognizes IPv4 separator any character - escape 
Fixes #224 - no. 2

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2017-02-24 13:23:48 +01:00
Andreas Stieger
c15dc6c568 2.17: netstat non-numeric output may not interpreted correctly 
The port may be aliased in /etc/services
Fixes #224 - no. 1

Signed-off-by: Andreas Stieger <astieger@suse.com>
 2017-02-24 13:23:33 +01:00
Thomas Sjögren
3d87e6d743 Merge pull request #218 from konstruktoid/issue_157 
Check configuration file settings
 2017-02-24 11:28:50 +01:00
Thomas Sjögren
c92e8a142e Merge pull request #222 from konstruktoid/issue_221 
Issue 221
 2017-02-23 17:08:21 +01:00
Thomas Sjögren
011ec950e9 use docker info, as all other tests 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 17:07:33 +01:00
Thomas Sjögren
7787fc0ec9 correct check_2_21, closes #221 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 17:01:47 +01:00
Thomas Sjögren
8aea40f72a Merge branch 'issue_157' of github.com:konstruktoid/docker-bench-security into issue_157 
* 'issue_157' of github.com:konstruktoid/docker-bench-security:
 2017-02-23 16:47:03 +01:00
Thomas Sjögren
e6522494a9 Merge branch 'issue_157' of github.com:konstruktoid/docker-bench-security into issue_157 
* 'issue_157' of github.com:konstruktoid/docker-bench-security:
  null if no config file
  fallback to default daemon.json
  get file locations from config file
  check config file settings
  add get_docker_configuration_file_args

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:46:26 +01:00
Thomas Sjögren
c1d4a1bd01 Merge branch 'issue_157' of github.com:konstruktoid/docker-bench-security into issue_157 
* 'issue_157' of github.com:konstruktoid/docker-bench-security:
  null if no config file
  fallback to default daemon.json
  get file locations from config file
  check config file settings
  add get_docker_configuration_file_args
 2017-02-23 16:42:25 +01:00
Thomas Sjögren
65ff6d1015 null if no config file 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:33:54 +01:00
Thomas Sjögren
072ff1cce3 fallback to default daemon.json 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:33:54 +01:00
Thomas Sjögren
91eb958dd3 get file locations from config file 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:33:54 +01:00
Thomas Sjögren
7575020fd5 check config file settings 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:33:53 +01:00
Thomas Sjögren
7410cdf9f6 add get_docker_configuration_file_args 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-23 16:33:53 +01:00
Thomas Sjögren
7c20138161 Merge pull request #220 from willfarrell/master 
Add HEALTHCHECK -> removes warning from 4.6
 2017-02-23 12:24:45 +01:00
will Farrell
cee1e59860 force Healthcheck to healthy 
This will prevent:
```bash
# Docker Bench for Security v1.3.0
[WARN] 4.6  - Add HEALTHCHECK instruction to the container image
[WARN]      * No Healthcheck found: [docker-bench-security:latest]
```

Signed-off-by: will Farrell <will.farrell@gmail.com>
 2017-02-22 16:19:19 -07:00
Thomas Sjögren
1caa7f4344 Merge pull request #219 from konstruktoid/swarm_tests 
update swarm tests
 2017-02-22 10:13:15 +01:00
Thomas Sjögren
584847e5b4 update swarm tests 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-22 10:11:44 +01:00
Thomas Sjögren
ff314754a3 null if no config file 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-22 09:37:42 +01:00
Thomas Sjögren
1f499387c6 fallback to default daemon.json 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-21 11:49:06 +01:00
Thomas Sjögren
03f5088d08 get file locations from config file 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-20 11:22:01 +01:00
Thomas Sjögren
cda18f31a5 check config file settings 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-20 11:21:18 +01:00
Thomas Sjögren
bfcc4ec4b8 add get_docker_configuration_file_args 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-20 11:20:41 +01:00
Thomas Sjögren
48563f837a Merge pull request #217 from konstruktoid/code_clean 
remove code, if CMD instead of exit code
 2017-02-17 15:10:37 +01:00
Thomas Sjögren
7d992029e6 remove code, if CMD instead of exit code 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-17 15:03:29 +01:00
Thomas Sjögren
2de8e71d01 Merge pull request #216 from konstruktoid/issue_212 
replace contains with grep
 2017-02-15 15:12:25 +01:00
Thomas Sjögren
bd236b1ac0 add host / as sensitive 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-13 11:36:16 +01:00
Thomas Sjögren
e78f1b8045 replace contains with grep 
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
 2017-02-10 15:35:06 +01:00
Thomas Sjögren
7eeb6890ff Merge pull request #215 from konstruktoid/alpine_apk 
apk upgrade
 2017-01-31 14:31:55 +01:00