Kubernetes RBAC Security Pitfalls
My previous blogpost covered the basics of the Kubernetes Role-Based Access control (RBAC) module. Here, I want to provide some common mistakes and vulnerabilities ...
Read MoreSearch
A brief intro to Kubernetes Role-Based Access Control
Actually, this should have been the introduction to a blogpost about RBAC auditing and pentesting. However, after the first few paragraphs, I noticed that it is ...
Read Moredocker/kubectl exec did not respect no-new-privileges and allowPrivilegeEscalation
TL;DR: There was a bug in docker, which made docker exec not respect the no-new-privileges security option. This issue also impacted the ...
Read More