According to documentation https://openebs.io/docs/concepts/ndm#privileged-access, NDM pod needs to be privileged.
It has RW access to whole host's filesystem, it brings a risk that compromised container will expose host for attacker. Is there any option to make privileged access limited somehow?
According to documentation https://openebs.io/docs/concepts/ndm#privileged-access, NDM pod needs to be privileged. It has RW access to whole host's filesystem, it brings a risk that compromised container will expose host for attacker. Is there any option to make privileged access limited somehow?