On our PoC environment; we have number of containers running properly; here are the env details:
OS: Centos 7.9 VM
Docker Version: 19.03.14
When we executed a security scan with NEXPOSE; it detected some “vulnerability” like following:
One or more of the system’s partitions are mounted without certain hardening options enabled. While this is not a definite vulnerability on its own, system security may be improved by employing hardening techniques.
“/data/docker/overlay2/6a68814dc802cf921bc4128e7c52143539ad34c55a85b8ffc8faa1249a243022/merged partition does not have ‘nodev’ option set.”
When I checked Vulnerability Level on this Nexpose tool; it is 2 out ouf 10. So I am not sure this is a real critical issue or not?
As I know; nodev option can be set in /etc/fstab for mount points like /dev /dev/shm on OS level. But I could not find anything related to docker on this.
Is there anyone who has prior knowledge on this?