Open emirgens opened 7 months ago
Containers shouldn't run with privilege escalation to root in your Kubernetes cluster. The AllowPrivilegeEscalation attribute controls whether a process can gain more privileges than its parent process.
Add exception for these:
Prometheus references https://arthursens.medium.com/risk-analysis-and-security-compliance-in-kube-prometheus-10c8cfb180b8 https://github.com/prometheus-operator/kube-prometheus/pull/1593 https://github.com/prometheus-operator/kube-prometheus/issues/1588
nginx - run without chroot, configuration of nginx in Flux
Prometheus - look in to change the configuration of Prometheus
Containers shouldn't run with privilege escalation to root in your Kubernetes cluster. The AllowPrivilegeEscalation attribute controls whether a process can gain more privileges than its parent process.
Add exception for these:
Prometheus references https://arthursens.medium.com/risk-analysis-and-security-compliance-in-kube-prometheus-10c8cfb180b8 https://github.com/prometheus-operator/kube-prometheus/pull/1593 https://github.com/prometheus-operator/kube-prometheus/issues/1588