STIGhubSTIGhub
STIGsSearchCompareAbout

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

  • Browse STIGs
  • Search
  • Compare Versions

Resources

  • About
  • VPAT
  • DISA STIG Library
STIGs updated 2 hours ago
Powered by Pylon
© 2026 Beacon Cloud Solutions, Inc. All rights reserved.
← Back to Container Platform Security Requirements Guide

V-233070

CAT II (Medium)

Authentication files for the container platform must be protected.

Rule ID

SV-233070r960960_rule

STIG

Container Platform Security Requirements Guide

Version

V2R4

CCIs

CCI-001499

Discussion

The secure configuration of the container platform must be protected by disallowing changing to be implemented by non-privileged users. Changes to the container platform can introduce security risks and stability issues and undermine change management procedures. To secure authentication files from non-privileged user modification can be enforced using file ownership and permissions. Examples of authentication files are keys, certificates, and tokens.

Check Content

Review the container platform to verify that authentication files cannot be modified by non-privileged users. 

If non-privileged users can modify key and certificate files, this is a finding.

Fix Text

Configure the container platform to only allow authentication file modifications by privileged users.