Container is running in privileged mode Affecting Deployment service in Kubernetes

Severity Framework Snyk CCSS

Rule category Containers / Access Control

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications

Frameworks

CIS-Controls CIS-Kubernetes CSA-CCM

Snyk ID SNYK-CC-00605
credit Snyk Research Team

Report a new misconfiguration Found a mistake?

Description

Compromised container could potentially modify the underlying host kernel by loading unauthorized modules (i.e. drivers).

How to fix?

Remove securityContext.privileged attribute, or set value to false.

Example Configuration

apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
  labels:
    app: myapp
spec:
  containers:
  - name: myapp-container
    image: busybox
    command: ['sh', '-c', 'echo Hello Kubernetes! && sleep 3600']
    securityContext:
      privileged: false

Terraform

kubernetes_pod

References

CIS Kubernetes Benchmark 1.6.0 - 5.2.1 Minimize the admission of privileged containers