lintai docs

Appearance

Rule Reference

SEC748lintai-ai-securitythreat-reviewsecuritystabledocker-composewarn

Docker Compose: privileged service runtime

Docker Compose service enables privileged container runtime or host namespace access

Public lane
threat-review
Category
security
Provider
lintai-ai-security
Scope
per-file
Surface
docker-compose
Tier
stable
Severity
warn
Confidence
high
Detection
structural
Remediation
message only
How to read this lane

Explicit malicious, secret-bearing, or spyware-like review.

How to read this category

Strong exploit, secret, or unsafe-execution signal.

Activation Model

Preset Activation

These presets explain where this rule appears in the product experience.

threat-reviewsidecar lane

Lifecycle

Stable Lifecycle Contract

State

stable

Graduation rationale

Checks committed Docker Compose service definitions for overt host-integrated runtime controls such as privileged mode, dangerous capability grants, or host namespace access.

Deterministic signal basis

DockerComposeSignals combines semantic confirmation of a Compose `services` map with indentation-aware line matching for `privileged: true`, `cap_add: [ALL|SYS_ADMIN]`, and `network_mode`/`pid`/`ipc: host` inside service blocks.

Malicious corpus
docker-compose-privileged-runtime
Benign corpus
docker-compose-safe-runtime
structured evidence required remediation reviewed
Canonical note

Structural stable rule positioned as an explicit threat-review control: high-signal malicious, credential-bearing, or spyware-like behavior that stays opt-in rather than shaping the quiet default.

Nearby Signals

Related Rules

SEC750Docker Compose: mutable service imageDocker Compose service image uses a mutable registry reference without a digest pinsupply-chainhardeningdocker-compose
SEC752Docker Compose: latest or implicit-latest service image tagDocker Compose service image uses a latest or implicit-latest tagsupply-chainhardeningdocker-compose

Why It Matters

Committed Compose files can silently grant containers near-host-level authority through privileged mode, dangerous Linux capabilities, or host namespaces. Those flags materially increase the impact of any compromised process inside the service.

SEC748 is positioned in the explicit threat-review lane rather than general supply-chain hardening because it represents an overt host-integrated runtime escape surface, not just a reproducibility or pinning concern.

What Triggers

SEC748 matches Docker Compose service definitions when they enable runtime-dangerous settings such as:

  • privileged: true
  • cap_add containing ALL or SYS_ADMIN
  • network_mode: host
  • pid: host
  • ipc: host

False Positives

The rule is gated to semantic Compose files with a services map and only looks at explicit high-risk runtime controls inside service blocks. Ordinary capability additions like NET_BIND_SERVICE do not trigger it.

Remediation

Remove privileged mode, avoid SYS_ADMIN or ALL, and keep services isolated from host namespaces unless the configuration has been separately reviewed as a deliberate host-integrated workload.