Closed VeenaThimmegowda closed 6 months ago
This issue is currently awaiting triage.
If kube-state-metrics contributors determine this is a relevant issue, they will accept it by applying the triage/accepted
label and provide further guidance.
The triage/accepted
label can be added by org members by writing /triage accepted
in a comment.
I would follow the comments on https://github.com/prometheus/prometheus/issues/13757 and don't think there's anything we can do. If you have a specific need for your org, the source code is available to build it yourself.
Following UK TSR requirement provided by the UK Department for Digital, Culture, Media and Sport in conjunction with the UK NCSC
V.D.4: Address Space Layout Randomization The vendor only ships executable code that has been compiled using modern ASLR techniques. Why it matters: Widely used to make it more difficult for an attacker to exploit any security issues. Evaluation (Security Declaration):The Security Declaration states whether the vendor’s products use ASLR throughout their product. Evaluation (Customer or third-party lab test): Verify that address space layer randomization mitigations are enabled by (automatically) inspecting the product for this mitigation.