Docker Community Forums


Security Vulnerability: Merged partition does not have 'nodev' option set for running containers

Hi everyone,

In our PoC environment, we have a number of containers running properly. Here are the env details:

OS: CentOS 7.9 VM
Docker Version: 19.03.14

When we executed a security scan with NEXPOSE, it detected a “vulnerability” like the following:

Vulnerability Description:
One or more of the system’s partitions are mounted without certain hardening options enabled. While this is not a definite vulnerability on its own, system security may be improved by employing hardening techniques.

Vulnerability Proof:
“/data/docker/overlay2/6a68814dc802cf921bc4128e7c52143539ad34c55a85b8ffc8faa1249a243022/merged partition does not have ‘nodev’ option set.”

When I checked the vulnerability level in the Nexpose tool, it is 2 out of 10. So I am not sure whether this is a real critical issue or not.

As far as I know, the nodev option can be set in /etc/fstab for mount points like /dev, /dev/shm at the OS level. But I could not find anything related to Docker on this.

Is there anyone who has prior knowledge on this?

Best Regards
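
An added example, not part of the original post or of Docker's own tooling: a shell check that reproduces the scanner's finding by listing mounts whose option list lacks `nodev`, reading input in `/proc/mounts` format. The sample mount table, the `EXAMPLE_ID` layer name and the function names are constructed for illustration.

```shell
#!/bin/sh
# Added example. Input format (as in /proc/mounts):
#   device mountpoint fstype options dump pass

# Constructed sample; EXAMPLE_ID is a placeholder, not a real layer ID.
# The lowerdir path contains the text "nodev" on purpose: it must not be
# mistaken for the mount option.
SAMPLE_MOUNTS='/dev/sda1 / xfs rw,relatime,attr2,inode64,noquota 0 0
tmpfs /dev/shm tmpfs rw,nosuid,nodev 0 0
/dev/sdb1 /data xfs rw,nodev,relatime 0 0
overlay /data/docker/overlay2/EXAMPLE_ID/merged overlay rw,relatime,lowerdir=/data/docker/overlay2/l/nodev-demo,upperdir=/data/docker/overlay2/EXAMPLE_ID/diff,workdir=/data/docker/overlay2/EXAMPLE_ID/work 0 0'

# mounts_without_nodev [FILE|-]
# Prints "fstype<TAB>mountpoint" for every mount lacking the nodev option.
# Defaults to the live /proc/mounts; "-" reads standard input.
mounts_without_nodev() {
    awk '{
        n = split($4, opts, ",")
        has = 0
        # Compare whole option tokens, not substrings of the option field.
        for (i = 1; i <= n; i++) if (opts[i] == "nodev") has = 1
        if (!has) printf "%s\t%s\n", $3, $2
    }' "${1:-/proc/mounts}"
}

# overlay_without_nodev [FILE|-]
# Narrows the result to overlay mounts, the kind reported in the scan proof.
overlay_without_nodev() {
    mounts_without_nodev "$@" | awk -F'\t' '$1 == "overlay" { print $2 }'
}

# Demo on the constructed sample.
printf '%s\n' "$SAMPLE_MOUNTS" | mounts_without_nodev -
```

Calling `mounts_without_nodev` with no argument on the host reads the live mount table, which makes it easy to compare the scanner's list against what is actually mounted.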