- Use official images.
- Restrict network/links within containers.
- Make sure docker daemon REST api is off, and then use traditional UNIX permission checks to Limit access to the control socket.
- Limit docker daemon permission on host.
- Run as non-root.
- Add an extra layer of safety by enabling AppArmor, SELinux, GRSEC, or your fav hardening solution.
![](/wp-content/uploads/2017/10/docker-pexels-photo-1.jpg)
Docker Security Checklist
by
Tags: