
Fluentd security impact with root user

Open rishavsharma9802 opened this issue 2 years ago • 2 comments

Docker provides a privileged mode, which lets a container run as ‘root’. Running a container in privileged mode provides the capabilities of that host—including:

- Root access to all devices
- Ability to tamper with Linux security modules like AppArmor and SELinux
- Ability to install a new instance of the Docker platform, using the host's kernel capabilities, and run Docker within Docker

Privileged containers create a major security risk, enabling attackers to easily escalate privileges if the container is compromised. Therefore, it is not recommended to use privileged containers in a production environment. Best of all, never use them in any environment.

This is extremely important to mitigate vulnerabilities in daemons and container runtimes, which can grant root access of entire nodes and clusters to an attacker.

Earlier there was a thread about this, but no outcome came from it: https://github.com/fluent/fluentd-kubernetes-daemonset/issues/420

Please provide a solution so that fluentd can work in a similar way with a non-root user, without putting security at risk.

Reference link for Docker security guidelines: https://cheatsheetseries.owasp.org/cheatsheets/Docker_Security_Cheat_Sheet.html

rishavsharma9802, Apr 26 '22 17:04
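The issue asks for the DaemonSet to run without root or a privileged container but does not say how to verify that. The script below is an added example written for this thread; it is not code from the issue reporter or from the fluentd-kubernetes-daemonset project. It audits a Kubernetes workload manifest for the settings the OWASP cheat sheet warns about (`privileged`, running as UID 0, no capability drop, privilege escalation allowed, writable root filesystem, read-write hostPath mounts) using only standard PodSpec `securityContext` fields. The two manifests embedded in it are constructed for the example: the "weak" one resembles a log shipper that relies on a privileged container, the hardened one shows the same workload with a restrictive securityContext. The image name, UID 10001 and the `/fluentd/buffer` scratch path are assumptions, not the project's values. Whether a non-root UID can actually read the node's log files under `/var/log` depends on the file permissions on each node, which is exactly the part the issue leaves open.

```python
"""Audit a Kubernetes Pod/DaemonSet manifest for root and privileged settings.

Illustrative checker written for this discussion; not part of the
fluentd-kubernetes-daemonset project. Manifests are parsed from JSON
(Kubernetes accepts JSON as well as YAML) so no PyYAML dependency is needed.
"""
import json

# Constructed example: a log shipper running privileged as root with a
# read-write hostPath mount of /var/log. Not the project's real manifest.
WEAK_MANIFEST = json.loads("""
{
  "apiVersion": "apps/v1",
  "kind": "DaemonSet",
  "metadata": {"name": "log-shipper"},
  "spec": {"template": {"spec": {
    "containers": [{
      "name": "fluentd",
      "image": "example/fluentd:latest",
      "securityContext": {"privileged": true},
      "volumeMounts": [{"name": "varlog", "mountPath": "/var/log"}]
    }],
    "volumes": [{"name": "varlog", "hostPath": {"path": "/var/log"}}]
  }}}
}
""")

# Constructed hardened variant: non-root UID (10001 is an assumed value),
# no privileges, all capabilities dropped, read-only root filesystem,
# /var/log mounted read-only, and an emptyDir for writable buffer state
# (the /fluentd/buffer path is an assumption for the example).
HARDENED_MANIFEST = json.loads("""
{
  "apiVersion": "apps/v1",
  "kind": "DaemonSet",
  "metadata": {"name": "log-shipper"},
  "spec": {"template": {"spec": {
    "securityContext": {"runAsNonRoot": true, "runAsUser": 10001},
    "containers": [{
      "name": "fluentd",
      "image": "example/fluentd:latest",
      "securityContext": {
        "privileged": false,
        "allowPrivilegeEscalation": false,
        "readOnlyRootFilesystem": true,
        "capabilities": {"drop": ["ALL"]}
      },
      "volumeMounts": [
        {"name": "varlog", "mountPath": "/var/log", "readOnly": true},
        {"name": "buffer", "mountPath": "/fluentd/buffer"}
      ]
    }],
    "volumes": [
      {"name": "varlog", "hostPath": {"path": "/var/log"}},
      {"name": "buffer", "emptyDir": {}}
    ]
  }}}
}
""")


def pod_spec_of(manifest):
    """Return the PodSpec of a Pod, or of any workload that carries a pod template."""
    spec = manifest.get("spec", {})
    return spec["template"]["spec"] if "template" in spec else spec


def audit_manifest(manifest):
    """Return a list of findings; an empty list means every check passed."""
    pod = pod_spec_of(manifest)
    pod_sc = pod.get("securityContext") or {}
    hostpaths = {v["name"] for v in pod.get("volumes", []) if "hostPath" in v}
    findings = []
    for c in pod.get("containers", []) + pod.get("initContainers", []):
        name, sc = c["name"], c.get("securityContext") or {}
        if sc.get("privileged"):
            findings.append(f"{name}: privileged=true")
        # Escalation is allowed unless explicitly disabled.
        if sc.get("allowPrivilegeEscalation", True):
            findings.append(f"{name}: allowPrivilegeEscalation not set to false")
        # Container-level runAs* fields override the pod-level ones.
        non_root = sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot", False))
        uid = sc.get("runAsUser", pod_sc.get("runAsUser", 0))
        if not non_root and uid == 0:
            findings.append(f"{name}: runs as root (runAsNonRoot unset, runAsUser unset or 0)")
        if "ALL" not in ((sc.get("capabilities") or {}).get("drop") or []):
            findings.append(f"{name}: capabilities.drop does not include ALL")
        if not sc.get("readOnlyRootFilesystem"):
            findings.append(f"{name}: readOnlyRootFilesystem not set")
        for vm in c.get("volumeMounts", []):
            if vm["name"] in hostpaths and not vm.get("readOnly"):
                findings.append(f"{name}: hostPath volume {vm['name']} mounted read-write")
    return findings


if __name__ == "__main__":
    for label, m in (("weak", WEAK_MANIFEST), ("hardened", HARDENED_MANIFEST)):
        print(f"{label}: {audit_manifest(m) or ['ok']}")
```

To run it against a live manifest, pipe `kubectl get daemonset <name> -o json` into `json.load` and pass the result to `audit_manifest`. The hardened manifest passing this audit only shows the spec no longer asks for root or privileges; it does not prove fluentd can read every log file on a given node.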