
Limit Privileged Container Use

An XCCDF Rule

Description

Containers should be limited to only the privileges required to run. To prevent containers from running as privileged containers, the appropriate Security Context Constraints (SCCs) should set allowPrivilegedContainer to false.

Rationale

Privileged containers have access to all Linux kernel capabilities and devices. If a privileged container were compromised, an attacker would have full access to the container and host.

ID
xccdf_org.ssgproject.content_rule_scc_limit_privileged_containers
Severity
Medium
References
Updated