Class: ContainerNumberProcess

Inherits:

Dockscan::Modules::AuditModule

• Object
• Dockscan::Modules::GenericModule
• Dockscan::Modules::AuditModule
• ContainerNumberProcess

Defined in:

lib/dockscan/modules/audit/container-number-process.rb

Instance Attribute Summary

Attributes inherited from Dockscan::Modules::AuditModule

#scandata

Instance Method Summary

• #check(dockercheck) ⇒ Object
• #info ⇒ Object

Methods inherited from Dockscan::Modules::AuditModule

#idcontainer

Methods inherited from Dockscan::Modules::GenericModule

inherited, modules

Instance Method Details

#check(dockercheck) ⇒ Object

# File 'lib/dockscan/modules/audit/container-number-process.rb', line 7

def check(dockercheck)

	limit=1
	sp=Dockscan::Scan::Plugin.new
	si=Dockscan::Scan::Issue.new
	si.title="Container have higher number of processess"
	si.description="Container have more than allowable number of processes.\nThis is not recommended for production as it does not provide intended isolation."
	si.solution="It is recommended to have single process inside container. If you have more than one process, it is recommended to split them in separate containers."
	si.severity=4 # Low
	si.risk = { "cvss" => 3.2 } 
	sp.vuln=si	
	sp.output=""
	if scandata.key?("GetContainersRunning") and not scandata["GetContainersRunning"].obj.empty?
		sp.state="run"
		scandata["GetContainersRunning"].obj.each do |container|
			ps=container.top
			if ps.count > limit then
				sp.state="vulnerable"
				sp.output << idcontainer(container) << " has more than #{limit} process(es): #{ps.count}\n"
				ps.each do |process|
					sp.output << process["CMD"] << "\n"
				end
				sp.output << "\n"
			end
		end
	end
	return sp
end

#info ⇒ Object

# File 'lib/dockscan/modules/audit/container-number-process.rb', line 3

def info
	return 'This plugin checks number of container processes'
end