- Updated Dockerfiles in both toolbox-base and toolbox-template
- Modified build scripts and docker-compose configurations
- Added new audit tools and documentation files
- Created new toolbox-DocStack and toolbox-QADocker implementations
- Updated README and maintenance documentation
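#!/usr/bin/env bash
#
# Container hardening self-check.
#
# Verifies that the current environment:
#   * is not running with effective UID 0,
#   * has no `sudo` executable on PATH,
#   * has the `trivy` and `hadolint` executables on PATH.
#
# Every check is evaluated and reported before the script exits, so a single
# run lists all findings instead of stopping at the first one.
#
# Exit status: 0 when every check passes, 1 when at least one check fails.
# Passing checks are written to stdout, failing checks to stderr.
set -euo pipefail

# Number of checks that failed so far.
failures=0

#######################################
# Report one failed check and count it.
# Globals:   failures (written)
# Arguments: $1 - message describing the finding
# Outputs:   writes the message to stderr
#######################################
fail() {
  printf '%s\n' "$1" >&2
  failures=$((failures + 1))
}

echo "Running security audit on the current environment..."

echo "Checking for common security issues..."

# EUID is set by bash to the effective user id; 0 is root. This is a UID check
# only: it does not inspect Linux capabilities or user-namespace mappings.
if [[ "$EUID" -eq 0 ]]; then
  fail "WARNING: Running as root user"
else
  echo "✓ Running as non-root user"
fi

# `command -v` only looks for a `sudo` executable on PATH. It does not detect
# a sudo binary installed outside PATH, nor other privilege-escalation helpers
# (for example su or other setuid binaries); those need a separate check.
if command -v sudo > /dev/null 2>&1; then
  fail "WARNING: Sudo is available in the container"
else
  echo "✓ Sudo correctly removed from container"
fi

# The tool checks below confirm presence on PATH only; they do not run a scan
# or verify the tool version.
echo "Checking for security tools..."

if command -v trivy > /dev/null 2>&1; then
  echo "✓ Trivy security scanner available"
else
  fail "✗ Trivy security scanner not available"
fi

if command -v hadolint > /dev/null 2>&1; then
  echo "✓ Hadolint Dockerfile linter available"
else
  fail "✗ Hadolint Dockerfile linter not available"
fi

# Fail the audit only after every check has been reported.
if ((failures > 0)); then
  printf 'Security audit failed: %d check(s) did not pass\n' "$failures" >&2
  exit 1
fi

echo "Security audit completed successfully!"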