New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Check 3.18 misses valid "more restrictive" permissions #325

introllo opened this Issue Sep 26, 2018 · 1 comment


None yet
2 participants

introllo commented Sep 26, 2018

Current code for 3.18 looks for 644 or 600 but misses 640.

Possible resolution on line 494...

if [ "$(stat -c %a $file)" -eq 644 -o "$(stat -c %a $file)" -eq 600 ]; then
if [ "$(stat -c %a $file)" -eq 644 -o "$(stat -c %a $file)" -eq 640 -o "$(stat -c %a $file)" -eq 600 ]; then

konstruktoid added a commit to konstruktoid/docker-bench-security that referenced this issue Sep 27, 2018

ref docker#325 daemon.json permissions
Signed-off-by: Thomas Sjögren <>

konstruktoid added a commit that referenced this issue Sep 27, 2018

Merge pull request #326 from konstruktoid/issu325
ref #325 daemon.json permissions

This comment has been minimized.

Show comment
Hide comment

konstruktoid Sep 27, 2018


Thanks @introllo, I've added the check to 3.18 in #326.


konstruktoid commented Sep 27, 2018

Thanks @introllo, I've added the check to 3.18 in #326.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment