Closed faust64 closed 2 years ago
Hi @faust64 If we run kube-hunter as a non root user, we would not be able to open a RAW_SOCKET to our fault. So this would eliminate users the option to discover if the configuration of their cluster is faulty. Thanks for the thought though! I'm sure you could contribute something else in kube-hunter :) looking forward to hearing from you
Description
Fixes the Kubernetes job sample.
Fixed Issues
Without this patch, starting a scan using the job.yaml provided here would result in Pod refusing to start - when Kubernetes PodSecurityPolicy are enabled
"BEFORE" and "AFTER" output
BEFORE
AFTER
Contribution checklist
Notes
No changes to python code, I did not open an issue, nor did I find another one that would mention this. I did not add checks, have not written tests, ... Being a small / obvious patch, Kubernetes-specific, I hope this would not be an issue. Otherwise let me know.