Closed wxpppp closed 7 months ago
code | level | alerts | |||
---|---|---|---|---|---|
0 | DKL-DI-0005 | FATAL | Use 'rm -rf /var/lib/apt/lists' after 'apt-get install | update' : | 0 /bin/sh -c apt-get update && apt-get install -y git curl ca-certificates unzip xz-utils && useradd rancher && mkdir -p /var/lib/rancher/etcd /var/lib/cattle /opt/jail /opt/drivers/management-state/bin && chown -R rancher /var/lib/rancher /var/lib/cattle /usr/local/bin |
1 | CIS-DI-0001 | WARN | Last user should not be root | ||
2 | CIS-DI-0005 | INFO | export DOCKER_CONTENT_TRUST=1 before docker pull/build | ||
3 | CIS-DI-0006 | INFO | not found HEALTHCHECK statement | ||
4 | CIS-DI-0008 | INFO | setuid file: urwxr-xr-x usr/bin/gpasswd | ||
5 | DKL-LI-0003 | INFO | Suspicious directory : var/lib/rancher-data/local-catalogs/system-library/.git |
code | level | alerts | |||
---|---|---|---|---|---|
0 | DKL-DI-0005 | FATAL | Use 'rm -rf /var/lib/apt/lists' after 'apt-get install | update' : | 0 /bin/sh -c apt-get update && apt-get install -y git curl ca-certificates unzip xz-utils && useradd rancher && mkdir -p /var/lib/rancher/etcd /var/lib/cattle /opt/jail /opt/drivers/management-state/bin && chown -R rancher /var/lib/rancher /var/lib/cattle /usr/local/bin |
1 | CIS-DI-0001 | WARN | Last user should not be root | ||
2 | CIS-DI-0005 | INFO | export DOCKER_CONTENT_TRUST=1 before docker pull/build | ||
3 | CIS-DI-0006 | INFO | not found HEALTHCHECK statement | ||
4 | CIS-DI-0008 | INFO | setuid file: urwxr-xr-x usr/bin/chfn | ||
5 | DKL-LI-0003 | INFO | Suspicious directory : var/lib/rancher-data/local-catalogs/system-library/.git |
code | level | alerts | |||
---|---|---|---|---|---|
0 | DKL-DI-0005 | FATAL | Use 'rm -rf /var/lib/apt/lists' after 'apt-get install | update' : | 0 /bin/sh -c apt-get update && apt-get install -y git curl ca-certificates unzip xz-utils && useradd rancher && mkdir -p /var/lib/rancher/etcd /var/lib/cattle /opt/jail /opt/drivers/management-state/bin && chown -R rancher /var/lib/rancher /var/lib/cattle /usr/local/bin |
1 | CIS-DI-0001 | WARN | Last user should not be root | ||
2 | CIS-DI-0005 | INFO | export DOCKER_CONTENT_TRUST=1 before docker pull/build | ||
3 | CIS-DI-0006 | INFO | not found HEALTHCHECK statement | ||
4 | CIS-DI-0008 | INFO | setgid file: grwxr-xr-x usr/sbin/unix_chkpwd | ||
5 | DKL-LI-0003 | INFO | unnecessary file : var/lib/rancher-data/local-catalogs/library/charts/mongodb-replicaset/v3.9.6/install/Dockerfile |
code | level | alerts | |||
---|---|---|---|---|---|
0 | DKL-DI-0005 | FATAL | Use 'rm -rf /var/lib/apt/lists' after 'apt-get install | update' : | 1 DEBIAN_FRONTEND=noninteractive /bin/sh -c groupadd -r clickhouse --gid=101 && useradd -r -g clickhouse --uid=101 --home-dir=/var/lib/clickhouse --shell=/bin/bash clickhouse && apt-get update && apt-get install --yes --no-install-recommends apt-transport-https ca-certificates dirmngr gnupg locales wget tzdata && apt-get clean |
1 | CIS-DI-0001 | WARN | Last user should not be root | ||
2 | CIS-DI-0005 | INFO | export DOCKER_CONTENT_TRUST=1 before docker pull/build | ||
3 | CIS-DI-0006 | INFO | not found HEALTHCHECK statement | ||
4 | CIS-DI-0008 | INFO | setgid file: grwxr-xr-x usr/bin/chage |
code | level | alerts | |
---|---|---|---|
0 | DKL-LI-0001 | SKIP | failed to detect etc/shadow,etc/master.passwd |
1 | DKL-LI-0002 | SKIP | failed to detect etc/passwd |
2 | CIS-DI-0001 | WARN | Last user should not be root |
3 | CIS-DI-0005 | INFO | export DOCKER_CONTENT_TRUST=1 before docker pull/build |
4 | CIS-DI-0006 | INFO | not found HEALTHCHECK statement |
code | level | alerts | |||
---|---|---|---|---|---|
0 | DKL-DI-0005 | FATAL | Use 'rm -rf /var/lib/apt/lists' after 'apt-get install | update' : | 1 DEBIAN_FRONTEND=noninteractive /bin/sh -c groupadd -r clickhouse --gid=101 && useradd -r -g clickhouse --uid=101 --home-dir=/var/lib/clickhouse --shell=/bin/bash clickhouse && apt-get update && apt-get install --yes --no-install-recommends apt-transport-https ca-certificates dirmngr gnupg locales wget tzdata && apt-get clean |
1 | CIS-DI-0001 | WARN | Last user should not be root | ||
2 | CIS-DI-0005 | INFO | export DOCKER_CONTENT_TRUST=1 before docker pull/build | ||
3 | CIS-DI-0006 | INFO | not found HEALTHCHECK statement | ||
4 | CIS-DI-0008 | INFO | setuid file: urwxr-xr-x usr/bin/chfn |
code | level | alerts | |||
---|---|---|---|---|---|
0 | DKL-DI-0005 | FATAL | Use 'rm -rf /var/lib/apt/lists' after 'apt-get install | update' : | 0 /bin/sh -c apt-get update && apt-get install -y git curl ca-certificates unzip xz-utils && useradd rancher && mkdir -p /var/lib/rancher/etcd /var/lib/cattle /opt/jail /opt/drivers/management-state/bin && chown -R rancher /var/lib/rancher /var/lib/cattle /usr/local/bin |
1 | CIS-DI-0001 | WARN | Last user should not be root | ||
2 | CIS-DI-0005 | INFO | export DOCKER_CONTENT_TRUST=1 before docker pull/build | ||
3 | CIS-DI-0006 | INFO | not found HEALTHCHECK statement | ||
4 | CIS-DI-0008 | INFO | setgid file: grwxr-xr-x usr/bin/wall | ||
5 | DKL-LI-0003 | INFO | unnecessary file : var/lib/rancher-data/local-catalogs/library/charts/mongodb-replicaset/v3.3.0/install/Dockerfile |