Security Opt Not Set

• Query id: 610e266e-6c12-4bca-9925-1ed0cd29742b
• Query name: Security Opt Not Set
• Platform: DockerCompose
• Severity: Medium
• Category: Resource Management
• URL: Github

Description

Attribute 'security_opt' should be defined.
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file

version: "3.9"

services:
  webapp:
    build:
      context: ./
      dockerfile: Dockerfile-alternate
      args:
        buildno: 1
    ports:
      - "8080:8080"
      - "3000:3000"

Code samples without security vulnerabilities

Negative test num. 1 - yaml file

version: "3.9"

services:
  webapp:
    build:
      context: ./
      dockerfile: Dockerfile-alternate
      args:
        buildno: 1
    ports:
      - "8080:8080"
      - "3000:3000"
    security_opt:
      - apparmor:unconfined