New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Check 3.18 misses valid "more restrictive" permissions #325

Closed
introllo opened this Issue Sep 26, 2018 · 1 comment

Comments

Projects
None yet
2 participants
@introllo

introllo commented Sep 26, 2018

Current code for 3.18 looks for 644 or 600 but misses 640.

Possible resolution on line 494...

From:
if [ "$(stat -c %a $file)" -eq 644 -o "$(stat -c %a $file)" -eq 600 ]; then
To:
if [ "$(stat -c %a $file)" -eq 644 -o "$(stat -c %a $file)" -eq 640 -o "$(stat -c %a $file)" -eq 600 ]; then

konstruktoid added a commit to konstruktoid/docker-bench-security that referenced this issue Sep 27, 2018

ref docker#325 daemon.json permissions
Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>

konstruktoid added a commit that referenced this issue Sep 27, 2018

Merge pull request #326 from konstruktoid/issu325
ref #325 daemon.json permissions
@konstruktoid

This comment has been minimized.

Show comment
Hide comment
@konstruktoid

konstruktoid Sep 27, 2018

Member

Thanks @introllo, I've added the check to 3.18 in #326.

Member

konstruktoid commented Sep 27, 2018

Thanks @introllo, I've added the check to 3.18 in #326.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment