azure-key-vault-to-kubernetes icon indicating copy to clipboard operation
azure-key-vault-to-kubernetes copied to clipboard

Published 20 hours ago verified publisher icon SparebankenVest

Kubernetes clusters should not allow container privilege escalation

Open newtonsheikh opened this issue 3 years ago • 2 comments

From AKS cluster i got compliance privilege escalation for both injector and controller, which directory its asking for privilage access?

newtonsheikh avatar Sep 08 '21 08:09 newtonsheikh

It might be this one:

      - mountPath: /etc/kubernetes/azure.json
        name: azureconf
        readOnly: true

Haavare avatar Oct 22 '21 10:10 Haavare

I think this is coming from the lack of having a securityContext block on the injected initContainer, and would be fixed by #548

tspearconquest avatar Jun 30 '23 17:06 tspearconquest