Privileged Containers Enabled
- Query id: ae5b6871-7f45-42e0-bb4c-ab300c4d2026
- Query name: Privileged Containers Enabled
- Platform: DockerCompose
- Severity: High
- Category: Resource Management
- URL: Github
Description¶
Privileged containers should be used with extreme caution, they have all of the capabilities that the linux kernel offers for docker.
Documentation
Code samples¶
Code samples with security vulnerabilities¶
Positive test num. 1 - yaml file
version: "3.9"
services:
webapp:
build:
context: ./dir
dockerfile: Dockerfile-alternate
args:
buildno: 1
privileged: true
Positive test num. 2 - yaml file
version: "3.9"
services:
webapp:
build:
context: ./dir
dockerfile: Dockerfile-alternate
args:
buildno: 1
ports:
- "8080:8080"
- "3000:3000"
privileged: true
cap_drop:
- all