Dex is allowing Privilege escalation and run as Root #2730
Labels
area/security
Issue is about security failures, weaknesses, or has security implications
kind/bug
Something isn't working
kind/enhancement
New feature or request
Comments
riqueps
changed the title
andreas-kupries
added
area/security
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Is your feature request related to a problem? Please describe.
Dex Pod is not following security best practices, which could be a high risk for enterprise operations.
By not explicitly
denying privilege escalation, permits a process created within the container to execute a set-user-id, set-group-id, or file capability executable to gain the privileges specified by the executable.By not explicitly
denying container run as root, an attacker could gains access to the container and have full control over the host system.Describe the solution you'd like
Implement:
spec.securityContext.runAsNonRootspec.containers[*].securityContext.allowPrivilegeEscalationScreenshot of Security Context section
The text was updated successfully, but these errors were encountered: