Container With Privilege Escalation Should Be Avoided
Description:
Containers shouldn't run with privilege escalation to root in your Kubernetes cluster. The AllowPrivilegeEscalation attribute controls whether a process can gain more privileges than its parent process.
Remediation:
1. From the Unhealthy resources tab, select the cluster. Security Center lists the pods running containers with privilege escalation to root in your Kubernetes cluster.
2. For these pods, set the AllowPrivilegeEscalation flag to 'false' on the security context of the container's spec.
3. After making your changes, redeploy the pod with the updated spec.