---
title: "Protect Docker Settings from Tampering | Security Cookbook"
description: "Restrict Docker Desktop settings to Docker signed processes, blocking attackers from enabling headless mode to hide credential theft in containers."
doc_version: "1"
last_updated: "2026-05-22"
canonical: "https://northpole.security/cookbook/protect-docker-settings"
---

### Idea

At the Objective by the Sea conference, Colson Wilhoit demonstrated how attackers can use Docker as a means of hiding from macOS security tools. Because Docker runs containers inside a Linux virtual machine, security monitoring tools built on the macOS Endpoint Security Framework can't see what's happening inside the VM. And since containers can mount host volumes into the VM, attackers can steal credential files or take other actions that modify the host's file system.

By changing the Docker settings files, attackers can get Docker Desktop to run in headless mode. They can then run a container image with the keychain and other credentials mounted as a volume and upload them, all without showing a UI to the user. Santa's file access rules can protect the Docker settings files so that only processes signed with Docker's team ID can modify them.

### Solutions

File Access: Protect Docker Settings

Restrict Docker settings access to Docker processes only

Path Prefixes

- /Users/\*/Library/Group Containers/group.com.docker/

Options

- Allow Read Access: true
- Audit Only: false
- Rule Type: PathsWithAllowedProcesses

Processes

- Team ID: 9BNSXJN65R

Custom Message

Docker settings can only be modified by Docker Desktop
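The rule above, expressed as a policy file and exercised against a few sample access attempts. This is an added example, not code from the North Pole Security page or from the Santa project: the plist key names (`WatchItems`, `Paths`/`IsPrefix`, `Options`, `AllowReadAccess`, `AuditOnly`, `RuleType`, `BlockMessage`, `Processes`/`TeamID`) are assumed to follow Santa's file access policy format and should be checked against the documentation for your Santa version; the `evaluate` function is a simplified model of how a `PathsWithAllowedProcesses` rule decides, not Santa's own implementation; the per-component glob matching of the `*` in the path prefix and the sample file path are assumptions.

```python
"""Added example: build the cookbook's Santa file access rule as a plist and
model its decisions. Key names are assumed to match Santa's file access
policy format; the evaluator is a simplified model, not Santa's code."""
import fnmatch
import plistlib
from typing import Optional

DOCKER_TEAM_ID = "9BNSXJN65R"  # Docker's Apple Team ID, from the recipe
DOCKER_SETTINGS_PREFIX = "/Users/*/Library/Group Containers/group.com.docker/"


def build_policy() -> dict:
    """Return the recipe's rule as a file access policy dict (assumed schema)."""
    return {
        "Version": "protect-docker-settings-1",  # assumed: any version label
        "WatchItems": {
            "ProtectDockerSettings": {
                "Paths": [{"Path": DOCKER_SETTINGS_PREFIX, "IsPrefix": True}],
                "Options": {
                    "AllowReadAccess": True,   # reads by anyone are fine
                    "AuditOnly": False,        # enforce, don't just log
                    "RuleType": "PathsWithAllowedProcesses",
                    "BlockMessage": "Docker settings can only be modified by Docker Desktop",
                },
                "Processes": [{"TeamID": DOCKER_TEAM_ID}],
            }
        },
    }


def to_plist(policy: dict) -> bytes:
    """Serialise the policy to XML plist bytes."""
    return plistlib.dumps(policy)


def policy_roundtrips(policy: dict) -> bool:
    """True if the policy survives a plist write/read unchanged."""
    return plistlib.loads(to_plist(policy)) == policy


def _components(path: str) -> list:
    return [c for c in path.split("/") if c]


def _path_matches(path: str, pattern: str, is_prefix: bool) -> bool:
    """Match path against pattern component by component; '*' is a glob
    within a single component (assumed interpretation of the prefix)."""
    pc, tc = _components(path), _components(pattern)
    if len(pc) < len(tc) or (not is_prefix and len(pc) != len(tc)):
        return False
    return all(fnmatch.fnmatchcase(c, t) for c, t in zip(pc, tc))


def evaluate(policy: dict, path: str, access: str, team_id: Optional[str]) -> str:
    """Decide 'allow', 'deny' or 'audit' for one access attempt.
    access is 'read' or 'write'; team_id is the accessing process's Apple
    Team ID, or None for unsigned / ad-hoc signed binaries."""
    for item in policy["WatchItems"].values():
        entries = [e if isinstance(e, dict) else {"Path": e} for e in item["Paths"]]
        if not any(_path_matches(path, e["Path"], e.get("IsPrefix", False)) for e in entries):
            continue
        opts = item["Options"]
        if access == "read" and opts.get("AllowReadAccess", False):
            return "allow"
        listed = any(team_id is not None and p.get("TeamID") == team_id
                     for p in item["Processes"])
        rule_type = opts["RuleType"]
        if rule_type == "PathsWithAllowedProcesses":
            permitted = listed
        elif rule_type == "PathsWithDeniedProcesses":
            permitted = not listed
        else:
            raise ValueError(f"unsupported RuleType {rule_type!r}")
        if permitted:
            return "allow"
        return "audit" if opts.get("AuditOnly", False) else "deny"
    return "allow"  # no watch item covers this path


if __name__ == "__main__":
    policy = build_policy()
    print(to_plist(policy).decode())
    # Constructed sample path; the real settings file name may differ.
    sample = "/Users/alice/Library/Group Containers/group.com.docker/settings-store.json"
    for access, tid in (("write", DOCKER_TEAM_ID), ("write", None), ("read", None)):
        print(access, tid, "->", evaluate(policy, sample, access, tid))
```

Flip `AuditOnly` to `True` when first rolling the rule out: the evaluator then returns `audit` instead of `deny` for non-Docker writers, which is how you would discover any extra Docker management tools before enforcing.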

### Mitre Attack

Tactics

[Stealth](https://attack.mitre.org/tactics/TA0005/), [Credential Access](https://attack.mitre.org/tactics/TA0006/)

Techniques

[T1564.006: Run Virtual Instance](https://attack.mitre.org/techniques/T1564/006/), [T1036: Masquerading](https://attack.mitre.org/techniques/T1036/), [T1552.001: Credentials In Files](https://attack.mitre.org/techniques/T1552/001/)

### Tags

docker, container-security, credentials

### Deployment Notes

This rule protects Docker Desktop settings from being modified by unauthorized processes. Only processes signed with Docker's team ID (9BNSXJN65R) can modify the settings files.

This prevents attackers from enabling headless mode or other settings changes that could be used to hide malicious activity inside containers.

### False Positive Guidance

Docker Desktop is the only legitimate process that needs to modify these settings. If you use other Docker management tools, you may need to add their team IDs to the allowlist.

### Resources

[Objective By the Sea: Docker VM Security](https://www.youtube.com/watch?v=AMbxs2Nh-Rc&t=1s)

