Docker Security Checklist

  • Use official images.
  • Restrict network/links within containers.
  • Make sure docker daemon REST api is off, and then use traditional UNIX permission checks to Limit access to the control socket.
  • Limit docker daemon permission on host.
  • Run as non-root.
  • Add an extra layer of safety by enabling AppArmor, SELinux, GRSEC, or your fav hardening solution.



, ,