
[CIS] User application with binary name etcdkeeper interferes with CIS scans

Open ashum81 opened this issue 6 months ago • 1 comments

Rancher 2.7.10. CIS benchmark 4.2.0.

Describe the bug: A user application with the binary name etcdkeeper interferes with CIS scans.

To Reproduce: Create a sample workload with the binary name etcdkeeper and deploy it in the cluster.

Result: The CIS scan reports Mixed Fail:

- 1.1.7 Ensure that the etcd pod specification file permissions are set to 644 or more restrictive (Automated)
- 1.1.8 Ensure that the etcd pod specification file ownership is set to root:root (Automated)
- 1.1.11 Ensure that the etcd data directory permissions are set to 700 or more restrictive (Automated)
- 2.7 Ensure that a unique Certificate Authority is used for etcd (Automated)


Expected Result: Do not detect the binary name etcdkeeper as an etcd binary.

rancher/issues/26598

ashum81, Aug 06 '24 12:08