docker / docker-bench-security

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.
Apache License 2.0

if configured with no-new-privileges, pass check 5.25 #493

Closed konstruktoid closed 2 years ago

konstruktoid commented 2 years ago

If the daemon is configured with "no-new-privileges": true, then pass check 5.25.

Closes #492

$ sudo bash docker-bench-security.sh -c check_2_14,check_5_25 | grep -A3 'Section A'
Section A - Check results
[PASS] 2.14 - Ensure containers are restricted from acquiring new privileges (Scored)
[PASS] 5.25 - Ensure that the container is restricted from acquiring additional privileges (Automated)

$ docker ps
CONTAINER ID   IMAGE                COMMAND                  CREATED          STATUS                            PORTS             NAMES
fbb7b4a1f3b6   konstruktoid/nginx   "/usr/sbin/nginx -g …"   15 minutes ago   Up 5 minutes (health: starting)   80/tcp, 443/tcp   friendly_vaughan
99721b1a8558   konstruktoid/nginx   "/usr/sbin/nginx -g …"   54 minutes ago   Up 5 minutes (health: starting)   80/tcp, 443/tcp   jolly_blackwell
$ docker inspect --format 'SecurityOpt={{.HostConfig.SecurityOpt }}' "$(docker ps -qa)" | grep 'no-new-privileges'
Error: No such object: fbb7b4a1f3b6
99721b1a8558
$ sudo rm /etc/docker/daemon.json
$ sudo systemctl restart docker
$ docker start fbb 997
fbb
997
$ sudo bash docker-bench-security.sh -c check_2_14,check_5_25 | grep -A3 'Section A'
Section A - Check results
[WARN] 2.14 - Ensure containers are restricted from acquiring new privileges (Scored)
[WARN] 5.25 - Ensure that the container is restricted from acquiring additional privileges (Automated)
[WARN]       * Privileges not restricted: jolly_blackwell

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
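The decision this PR describes for check 5.25 is: pass when the daemon itself is configured with `"no-new-privileges": true`, otherwise inspect each container's `HostConfig.SecurityOpt` and warn for any that lack `no-new-privileges`. The script below is an added example, not code from docker-bench-security or from the PR author; it reimplements that decision so it can be run offline. It assumes a daemon.json path and takes the inspect output as a text argument in a constructed `<name> SecurityOpt=[...]` form rather than calling `docker` (the hypothetical `check_5_25`, `daemon_has_nnp` and `container_has_nnp` names are not the project's).

```shell
#!/bin/sh
# Added example (not docker-bench-security's own code): mirrors the check 5.25
# logic from this PR. On a real host the first argument would be
# /etc/docker/daemon.json and the second the output of
#   docker inspect --format '{{.Name}} SecurityOpt={{.HostConfig.SecurityOpt}}' $(docker ps -qa)
# Here both are supplied by the caller so the script runs without a daemon.

# daemon_has_nnp FILE: exit 0 if the daemon config sets "no-new-privileges": true
daemon_has_nnp() {
  [ -r "$1" ] || return 1
  grep -Eq '"no-new-privileges"[[:space:]]*:[[:space:]]*true' "$1"
}

# container_has_nnp SECURITYOPT: exit 0 if the SecurityOpt text carries no-new-privileges
container_has_nnp() {
  printf '%s\n' "$1" | grep -q 'no-new-privileges'
}

# check_5_25 DAEMON_JSON INSPECT_OUTPUT
# Prints "PASS", or "WARN" followed by the names of containers whose privileges
# are not restricted. Each INSPECT_OUTPUT line is "<name> SecurityOpt=[...]"
# (constructed format for this example). Exit status 0 on PASS, 1 on WARN.
check_5_25() {
  daemon_json=$1
  inspect_output=$2

  # Daemon-wide setting covers every container, so the check passes outright.
  if daemon_has_nnp "$daemon_json"; then
    echo "PASS"
    return 0
  fi

  failing=""
  while IFS= read -r line; do
    [ -n "$line" ] || continue
    name=${line%% *}      # text before the first space
    opts=${line#* }       # text after the first space
    container_has_nnp "$opts" || failing="$failing $name"
  done <<EOF
$inspect_output
EOF

  if [ -z "$failing" ]; then
    echo "PASS"
    return 0
  fi
  echo "WARN$failing"
  return 1
}
```

Because the per-container loop reads from a here-document rather than a pipe, the `failing` variable survives the loop in POSIX sh; feeding the inspect output through a pipe would run the loop in a subshell and lose the result.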