docker-bench-security

mirror of https://github.com/docker/docker-bench-security.git synced 2025-01-19 00:32:34 +01:00

History

HuKeping 100b63dac5 Add test for OOM killer disable It is the best practise that only disable the OOM killer on containers where you have also set the `-m/--memory` option. If the `-m/--memeory` flag is not set, this can result in the host running out of memory and require killing the host's system processes to free memory. Examples: The following example limits the memory to 100M and disables the OOM killer for this container: $ docker run -ti -m 100M --oom-kill-disable ubuntu:14.04 /bin/bash The following example, illustrates a dangerous way to use the flag: $ docker run -ti --oom-kill-disable ubuntu:14.04 /bin/bash The container has unlimited memory which can cause the host to run out memory and require killing system processes to free memory. Signed-off-by: Hu Keping <hukeping@huawei.com>		2015-10-23 10:37:10 +08:00
..
1_host_configuration.sh	current version is 1.8.2	2015-10-01 21:46:33 +02:00
2_docker_daemon_configuration.sh	Fix for issue #47 .	2015-06-29 22:27:34 +02:00
3_docker_daemon_configuration_files.sh	missed one tls*	2015-07-10 02:10:26 +02:00
4_container_images.sh	Double quote to prevent globbing and word splitting.	2015-05-31 12:26:37 +02:00
5_container_runtime.sh	Add test for OOM killer disable	2015-10-23 10:37:10 +08:00
6_docker_security_operations.sh	Count unique image ids only	2015-08-10 17:19:06 +02:00