From 4c27e28861e760e9e10a8ada5e97435249acd5f5 Mon Sep 17 00:00:00 2001 From: Josh Wolf Date: Tue, 16 Jul 2024 12:53:16 -0400 Subject: [PATCH] Update image-stigs.md (#1694) typo in firmware Signed-off-by: Josh Wolf --- .../chainguard-images/working-with-images/image-stigs.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/content/chainguard/chainguard-images/working-with-images/image-stigs.md b/content/chainguard/chainguard-images/working-with-images/image-stigs.md index 2f106aea9f..71ea11cff2 100644 --- a/content/chainguard/chainguard-images/working-with-images/image-stigs.md +++ b/content/chainguard/chainguard-images/working-with-images/image-stigs.md @@ -122,7 +122,7 @@ The host's container execution environment further reduces the risk of unauthori ASLR configuration is the responsibility of the host operating system on which containers run. Applications running within a container on a host that has ASLR enabled will automatically be protected by the configuration. No additional action is needed to ensure that container-based applications are protected. -### Host firmware +### Host firewall Linux containers inherit the firewall configuration of their host operating system which dictates which ports on the container can be accessed from the network. Selection of which ports to make accessible on the applications running on the container is the responsibility of the host firewall configuration — an additional application-level firewall inside the container is not necessary. @@ -151,4 +151,4 @@ These containers can be validated against the General Purpose Operating System S If interested, you can access Chainguard's General Purpose Operating System STIG through the Early Access Program. If you’re interested in participating in the program, please fill out the [interest form](https://docs.google.com/forms/d/e/1FAIpQLSdKqtAziDyLpTtQw5v77orKup5jap0QP1T-VrAj4g32Y1pE6w/viewform?utm_source=blog&utm_medium=website&utm_campaign=FY25-EC-Blog_sourced) or email [compliance@chainguard.dev](mailto:compliance@chainguard.dev). -If you'd like to learn more about how Chainguard Images can help you meet FedRAMP compliance, we encourage you to refer to our overview of [Chainguard's FIPS-ready Images](/chainguard/chainguard-images/working-with-images/fips-images/). \ No newline at end of file +If you'd like to learn more about how Chainguard Images can help you meet FedRAMP compliance, we encourage you to refer to our overview of [Chainguard's FIPS-ready Images](/chainguard/chainguard-images/working-with-images/fips-images/).