Get full access to Mastering Docker - Third Edition and 60K+ other titles, with a free 10-day trial of O'Reilly.

There are also live events, courses curated by job role, and more.

Container runtime

As we were a little silly when launching our containers on the Docker Host that we audited, we know that there will be a lot of vulnerabilities here, and there are 11 of them altogether:

[WARN] 5.2 - Ensure SELinux security options are set, if applicable[WARN]     * No SecurityOptions Found: sshd[WARN]     * No SecurityOptions Found: root-nginx

The preceding vulnerability is a false positive; we are not running SELinux, as it is an Ubuntu machine, and SELinux is only applicable to Red Hat based machines; instead, 5.1 shows us the result, which is a [PASS], which we want:

[PASS] 5.1  - Ensure AppArmor Profile is Enabled

The next two [WARN] statuses are of our own making, as follows:

[WARN] 5.4 - Ensure privileged containers are not ...

Get Mastering Docker - Third Edition now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.

Start your free trial

Don’t leave empty-handed

Get Mark Richards’s Software Architecture Patterns ebook to better understand how to design components—and how they should interact.

It’s yours, free.

Get it now

Check it out now on O’Reilly

Dive in for free with a 10-day trial of the O’Reilly learning platform—then explore all the other resources our members count on to build skills and solve problems every day.

Start your free trial Become a member now