IceKube

IceKube copied to clipboard

Need to implement attack paths that leverage the bind verb.

This would require computing what the resultant permissions would be, and how we would integrate that into the graph.

escalate could easily grant all verbs, so we just assumed full access to other resources, however the same cannot be said with bind where we are limited by the verbs specified in the role.

Would also need to account for scope, ie cluster-wide or namespaced.