STIGhubSTIGhub
STIGsSearchCompare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • Release Notes
  • VPAT
  • DISA STIG Library
STIGs updated 3 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Container Platform Security Requirements Guide

V-233186

CAT II (Medium)

The container platform registry must prohibit installation or modification of container images without explicit privileged status.

Rule ID

SV-233186r981888_rule

STIG

Container Platform Security Requirements Guide

Version

V2R4

CCIs

CCI-003980

Discussion

Controlling access to those users and roles that perform container platform registry functions reduces the risk of untested or potentially malicious containers from being introduced into the platform. This access may be separate from the access required to instantiate container images into services and those access requirements required to perform patch management and upgrades within the container platform. Explicit privileges (escalated or administrative privileges) provide the regular user with explicit capabilities and control that exceeds the rights of a regular user.

Check Content

Review container platform registry security settings with respect to nonadministrative users' ability to create, alter, or replace container images. 

If any such permissions exist and are not documented and approved, this is a finding.

Fix Text

Document and obtain approval for any nonadministrative users who require the ability to create, alter, or replace container images within the container platform registry. Implement the approved permissions. Revoke any unapproved permissions.