Secure the Controller by avoiding privilege escalation issue #802

Open
Belhach opened this issue Mar 30, 2022 · 2 comments
Labels
backlog Issues/PRs that will be included in the project roadmap chart enhancement security

Comments

@Belhach
Contributor

Belhach commented Mar 30, 2022

Which component:
Controller

Is your feature request related to a problem? Please describe.
There are some privilege escalation issues in the Controller.
See the vulnerability IDs in the vulnerability database: https://avd.aquasec.com
KSV001, KS020, KS021

Describe the solution you'd like
You should add these statements in the securityContext:
allowPrivilegeEscalation: false
runAsUser: UID
runAsGroup: GID

Here, the UID and GID assigned should be greater than 10 000.

Describe alternatives you've considered
No Alternative solution.

Additional context
None.

@github-actions github-actions bot added the triage Issues/PRs that need to be reviewed label Mar 30, 2022
@agarcia-oss agarcia-oss added enhancement security chart and removed triage Issues/PRs that need to be reviewed labels Mar 31, 2022
@agarcia-oss agarcia-oss added this to Inbox in Sealed Secrets via automation Mar 31, 2022
@alvneiayu alvneiayu added the backlog Issues/PRs that will be included in the project roadmap label Mar 31, 2022
JorgeN118 added a commit to JorgeN118/sealed-secrets that referenced this issue Apr 9, 2022
JorgeN118 added a commit to JorgeN118/sealed-secrets that referenced this issue Apr 9, 2022
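
The securityContext settings requested in the issue above can be checked mechanically. The following is an added example, not part of the issue or of the Sealed Secrets code: a Python audit of a Deployment-style manifest for `allowPrivilegeEscalation: false` and for `runAsUser`/`runAsGroup` above 10 000. The manifests, the container name and the ID values are constructed, and the function names are hypothetical; the pod-level fallback for `runAsUser`/`runAsGroup` follows standard Kubernetes behaviour.

```python
MIN_ID = 10000  # the issue asks for UID and GID greater than 10 000


def audit_pod_spec(pod_spec):
    """Return (container, finding) tuples for one pod spec given as a dict."""
    pod_sc = pod_spec.get("securityContext") or {}
    containers = (pod_spec.get("initContainers") or []) + (pod_spec.get("containers") or [])
    findings = []
    for c in containers:
        name = c.get("name", "<unnamed>")
        sc = c.get("securityContext") or {}
        # allowPrivilegeEscalation is a container-level field only; unset is not false.
        if sc.get("allowPrivilegeEscalation") is not False:
            findings.append((name, "allowPrivilegeEscalation is not false"))
        for key in ("runAsUser", "runAsGroup"):
            # A container-level value overrides the pod-level one.
            value = sc.get(key)
            if value is None:
                value = pod_sc.get(key)
            if value is None:
                findings.append((name, f"{key} is not set"))
            elif value <= MIN_ID:
                findings.append((name, f"{key}={value} is not greater than {MIN_ID}"))
    return findings


def audit_deployment(manifest):
    """Audit the pod template of a Deployment-style manifest dict."""
    return audit_pod_spec(manifest["spec"]["template"]["spec"])


# Constructed sample manifests (hypothetical names and values, not the project's chart).
BEFORE = {"kind": "Deployment", "spec": {"template": {"spec": {
    "securityContext": {"runAsUser": 1001},
    "containers": [{"name": "controller",
                    "securityContext": {"readOnlyRootFilesystem": True}}],
}}}}
AFTER = {"kind": "Deployment", "spec": {"template": {"spec": {
    "securityContext": {"runAsUser": 10001, "runAsGroup": 10001},
    "containers": [{"name": "controller",
                    "securityContext": {"allowPrivilegeEscalation": False}}],
}}}}

if __name__ == "__main__":
    for label, manifest in (("before", BEFORE), ("after", AFTER)):
        print(label, audit_deployment(manifest) or "ok")
```
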
@R011y

R011y commented Aug 11, 2023

Any update on this @JorgeN118 ?

@R011y

R011y commented Aug 15, 2023

Any update here @alemorcuq ?

5 participants