Security Vulnerability: Merged partition does not have 'nodev' option set for running containers

ecetiner87 · December 29, 2020, 10:48pm

Hi everyone;

On our PoC environment; we have number of containers running properly; here are the env details:

OS: Centos 7.9 VM
Docker Version: 19.03.14

When we executed a security scan with NEXPOSE; it detected some “vulnerability” like following:

Vulnerability Description:
One or more of the system’s partitions are mounted without certain hardening options enabled. While this is not a definite vulnerability on its own, system security may be improved by employing hardening techniques.

Vulnerability Proof:
“/data/docker/overlay2/6a68814dc802cf921bc4128e7c52143539ad34c55a85b8ffc8faa1249a243022/merged partition does not have ‘nodev’ option set.”

When I checked Vulnerability Level on this Nexpose tool; it is 2 out ouf 10. So I am not sure this is a real critical issue or not?

As I know; nodev option can be set in /etc/fstab for mount points like /dev /dev/shm on OS level. But I could not find anything related to docker on this.

Is there anyone who has prior knowledge on this?

Best Regards

Topic		Replies	Views
Setting nodev to mount point in docker host General aws , docker	0	2650	April 18, 2018
Docker run failure - fuse: device not found General docker , runc	1	3965	March 26, 2023
Mounted volume / wrong df value reported General	14	3149	August 2, 2021
"Error creating overlay mount" with SELinux enabled General docker	14	1404	October 16, 2024
Container can't write data in overlays General	0	910	August 2, 2018

Security Vulnerability: Merged partition does not have 'nodev' option set for running containers

Related topics