Container is running in privileged mode Affecting Deployment service in Kubernetes


Severity

0.0
high
0
10
    Severity Framework
    Snyk CCSS
    Rule category
    Containers / Access Control

Is your enviroment affected by this misconfiguration?

In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.

Test your applications
    Frameworks
    CIS-Controls CIS-Kubernetes CSA-CCM
  • Snyk ID SNYK-CC-00605
  • credit Snyk Research Team

Description

Compromised container could potentially modify the underlying host kernel by loading unauthorized modules (i.e. drivers).

How to fix?

Remove securityContext.privileged attribute, or set value to false.

Example Configuration

apiVersion: v1
kind: Pod
metadata:
  name: myapp-pod
  labels:
    app: myapp
spec:
  containers:
  - name: myapp-container
    image: busybox
    command: ['sh', '-c', 'echo Hello Kubernetes! && sleep 3600']
    securityContext:
      privileged: false

Terraform