lintai docs

Appearance

Rule Reference

SEC748lintai-ai-securitystabledocker-composewarn

Docker Compose: privileged service runtime

Docker Compose service enables privileged container runtime or host namespace access

Provider
lintai-ai-security
Surface
docker-compose
Scope
per_file
Tier
stable
Severity
warn
Confidence
high
Detection
structural
Remediation
message_only

Activation Model

Preset Membership

This rule is part of the builtin activation graph through these preset memberships.

supply-chainmembership

Lifecycle

Stable Lifecycle Contract

State

stable_gated

Graduation rationale

Checks committed Docker Compose service definitions for privileged runtime, dangerous capability grants, or host namespace access.

Deterministic signal basis

DockerComposeSignals combines semantic confirmation of a Compose `services` map with indentation-aware line matching for `privileged: true`, `cap_add: [ALL|SYS_ADMIN]`, and `network_mode`/`pid`/`ipc: host` inside service blocks.

Malicious corpus
docker-compose-privileged-runtime
Benign corpus
docker-compose-safe-runtime
structured evidence required remediation reviewed
Canonical note

Structural stable rule intended as a high-precision check with deterministic evidence.

Nearby Signals

Related Rules

SEC750Docker Compose: mutable service imageDocker Compose service image uses a mutable registry reference without a digest pindocker-composestable
SEC752Docker Compose: latest or implicit-latest service image tagDocker Compose service image uses a latest or implicit-latest tagdocker-composestable

Why It Matters

Committed Compose files can silently grant containers near-host-level authority through privileged mode, dangerous Linux capabilities, or host namespaces. Those flags materially increase the impact of any compromised process inside the service.

What Triggers

SEC748 matches Docker Compose service definitions when they enable runtime-dangerous settings such as:

  • privileged: true
  • cap_add containing ALL or SYS_ADMIN
  • network_mode: host
  • pid: host
  • ipc: host

False Positives

The rule is gated to semantic Compose files with a services map and only looks at explicit high-risk runtime controls inside service blocks. Ordinary capability additions like NET_BIND_SERVICE do not trigger it.

Remediation

Remove privileged mode, avoid SYS_ADMIN or ALL, and keep services isolated from host namespaces unless the configuration has been separately reviewed as a deliberate host-integrated workload.