The container platform runtime must isolate security functions from non-security functions.
Severity | Group ID | Group Title | Version | Rule ID | Date | STIG Version |
|---|---|---|---|---|---|---|
| medium | V-233125 | SRG-APP-000233 | SRG-APP-000233-CTR-000585 | SV-233125r961131_rule | 2024-12-05 | 2 |
| Description |
|---|
| The container platform runtime must be configured to isolate those services used for security functions from those used for non-security functions. This separation can be performed using environment variables, labels, network segregation, and kernel groups. |
| ℹ️ Check |
|---|
| Verify container platform runtime configuration settings to determine whether container services used for security functions are located in an isolated security function such as a separate environment variables, labels, network segregation, and kernel groups. If security-related functions are not separate, this is a finding. |
| ✔️ Fix |
|---|
| Configure the container platform runtime to isolate security functions from non-security functions. |