Docker Hardening

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Docker Hardening

L0 Member

Hello,

 

I followed this docker hardening documentation to harden the docker containerzied environment for Cortex XSOAR solutin. 

 

I added the first server configuration key as this (docker.run.internal.asuser = true), and reset docker containers then issue this command (!py script="import os;print(os.getuid())") to validate if docker currently run under non root user, and it returns 999 which is good.

 

But after i added the second configuration key mentioned in the document as this (docker.run.internal.asuser.ignore=demisto/python3:,demisto/python:), and repeat the same process to confirm user, it returned (0) this time. 

 

So i'm just wondering if this is normal of have i made a mistake while adding the second key.

 

Thanks,

Ahmed Saeed

2 REPLIES 2

L0 Member

 I ran the final hardening check script, and this is the output

AmadoSaeeed_0-1666436252839.png

 

L3 Networker

I think the second configuration is for exceptions where the container doesn't support non root users. You basically set all python 3 docker images to run as root

 

  • 1114 Views
  • 2 replies
  • 0 Likes
  • 31 Subscriptions
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!