Kubernetes API Server Bypass Risks #42
Comments
k8s-ci-robot
added
sig/security
|
The Kubernetes project currently lacks enough contributors to adequately respond to all issues and PRs. This bot triages issues and PRs according to the following rules:
You can:
Please send feedback to sig-contributor-experience at kubernetes/community. /lifecycle stale |
k8s-ci-robot
added
the
lifecycle/stale
|
/remove-lifecycle stale |
k8s-ci-robot
removed
the
lifecycle/stale
|
/assign @raesene |
|
I've put some initial thoughts for this in a hackmd here feel free to add/suggest changes :) Once we've gathered some ideas, we can create a PR for k/website to get wider feedback |
|
What is about the pause container? An attacker who can change the pause container image, also bypasses the API? 🤔 |
|
@p4ck3t0 so at the moment we're focusing more on how things are changed rather than what they'd change, but you raise a good point, in that people could modify container images either on-host or via the CRI daemon, and that's definitely worth including. |
|
This has been merged now woooo kubernetes/website#35908 |
Based on a suggestion from @JimBugwadia on slack an idea for a good page on the Kubernetes website would be to collate configurations or privileges which could allow a malicious user or attacker to bypass the API server. As many key security controls (e.g. Auditing and admission control) are handled at the API server layer, attacks which bypass it can present a serious risk to cluster security.
Some examples :-
/sig security docs
The text was updated successfully, but these errors were encountered: