CUI

Documentation - V-233163

V-233163

Container Platform Security Requirements Guide

CAT II

Title

Container images instantiated by the container platform must execute using least privileges.

Description

Containers running within the container platform must execute as non-privileged. When a container can execute as a privileged container, the privileged container is also a privileged user within the hosting system, and the hosting system becomes a major security risk. It is important for the container platform runtime to validate the container user and disallow instantiation if the container is trying to execute with more privileges than required, as a privileged user, or is tryi...

Fix Text (Documentation Requirement)

Configure the container platform to block instantiation of containers that would execute with more privileges than necessary.
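
The following is an added example, not part of the SRG text or any vendor's code: a sketch of the pre-instantiation check the description calls for, rejecting a workload that asks for more privilege than it needs. It assumes Kubernetes-style `securityContext` field names; `admit`, `violations`, `ALLOWED_CAPS` and the sample specs are hypothetical names constructed for the illustration.

```python
# Assumption: specs use Kubernetes-style securityContext fields.
# Assumption: this workload needs no added Linux capabilities.
ALLOWED_CAPS = frozenset()

# Constructed sample specs, not taken from any real deployment.
SAFE = {"securityContext": {"runAsNonRoot": True}, "containers": [
    {"name": "web", "securityContext": {"allowPrivilegeEscalation": False}}]}
RISKY = {"containers": [{"name": "agent", "securityContext": {
    "privileged": True, "runAsUser": 0,
    "capabilities": {"add": ["SYS_ADMIN"]}}}]}


def violations(container, pod_ctx=None):
    """Return the reasons this container must not be instantiated."""
    pod_ctx = pod_ctx or {}
    ctx = container.get("securityContext") or {}
    name = container.get("name", "<unnamed>")
    found = []
    if ctx.get("privileged") is True:
        found.append(f"{name}: privileged container")
    # Container-level settings override pod-level ones.
    uid = ctx.get("runAsUser", pod_ctx.get("runAsUser"))
    non_root = ctx.get("runAsNonRoot", pod_ctx.get("runAsNonRoot"))
    if uid == 0:
        found.append(f"{name}: runs as UID 0")
    elif uid is None and non_root is not True:
        # With no UID pinned, the image's USER decides, and may be root.
        found.append(f"{name}: user not constrained to non-root")
    # Unset means escalation is allowed, so require an explicit False.
    if ctx.get("allowPrivilegeEscalation") is not False:
        found.append(f"{name}: privilege escalation not disabled")
    added = set((ctx.get("capabilities") or {}).get("add") or [])
    extra = sorted(added - ALLOWED_CAPS)
    if extra:
        found.append(f"{name}: extra capabilities {extra}")
    return found


def admit(pod_spec):
    """Return (allowed, reasons); deny on any violation."""
    pod_ctx = pod_spec.get("securityContext") or {}
    reasons = []
    for key in ("initContainers", "containers"):
        for c in pod_spec.get(key) or []:
            reasons.extend(violations(c, pod_ctx))
    return (not reasons, reasons)


if __name__ == "__main__":
    for label, spec in (("SAFE", SAFE), ("RISKY", RISKY)):
        print(label, admit(spec))
```

The check denies by default: a container that leaves its user or escalation setting unspecified is rejected rather than assumed safe.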
