STIGhubSTIGhub
STIGsRMF ControlsCompare
STIGhub— A free STIG search and compliance tool·STIGs updated 3 days ago
Powered by Pylon·Privacy·Terms·© 2026 Beacon Cloud Solutions, Inc.
← Back to Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide

V-235855

CAT I (High)

Docker Enterprise /etc/docker directory ownership must be set to root:root.

Rule ID

SV-235855r961863_rule

STIG

Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide

Version

V2R2

CCIs

CCI-000366

Discussion

Verify that the /etc/docker directory ownership and group-ownership is correctly set to root. /etc/docker directory contains certificates and keys in addition to various sensitive files. Hence, it should be owned and group-owned by root to maintain the integrity of the directory. By default, the ownership and group-ownership for this directory is correctly set to root.

Check Content

Ensure that /etc/docker directory ownership is set to root:root.

On CentOS host OS's, execute the below command to verify that the directory is owned and group-owned by root:
stat -c %U:%G /etc/docker 

If root:root is not displayed, this is a finding.

On Ubuntu host OS's, execute the below command to verify that the /etc/default/docker directory ownership is set to root:root:
stat -c %U:%G /etc/default/docker 

If root:root is not displayed, this is a finding.

Fix Text

Set the ownership and group-ownership for the directory to root.

On CentOS host OS's, execute the following command:
chown root:root /etc/docker

On Ubuntu host OS's, execute the following command:
chown root:root /etc/default/docker