-
Notifications
You must be signed in to change notification settings - Fork 349
Security Considerations in KubeArmor
Barun Acharya edited this page Oct 23, 2024
·
1 revision
This document highlights key security considerations and improvements for KubeArmor, focusing on enhancing the overall security posture of the project.
- Description: Focus on enhancing KubeArmor’s security score in the OpenSSF scorecard by addressing best practices and improving code quality.
- Reference: Improve Scorecard Score for KubeArmor
- Description: Support running KubeArmor in rootless containers to reduce privileges and minimize security risks, and migrate to the Universal Base Image (UBI) to reduce the size of KubeArmor images and remove unnecessary packages.
- Reference: UBI Migration
- Description: Minimize the use of the cluster-admin role, reducing the broad permissions granted to KubeArmor components.
- Description: Apply seccomp profiles to restrict the system calls that KubeArmor can use, reducing the attack surface.
- Description: Apply KubeArmor's own security policies (self-testing) and enforce strict hardening policies, such as process whitelisting, to protect the KubeArmor agent.
- Description: Ensure that all internal communication between KubeArmor components is encrypted using TLS to protect against eavesdropping.
- Description: Identify and resolve critical security vulnerabilities present in all KubeArmor container images.
- Description: Implement fuzz testing to identify potential security vulnerabilities in KubeArmor by testing with unexpected or random inputs.
- Reference: Fuzz Testing for KubeArmor
- Description: Review and remove any unnecessary hostPath mounts from the KubeArmor deployment to minimize exposure to the host filesystem.
- Reference: HostPath Mounts Used by KubeArmor
- Description: Strip away any unneeded capabilities from the KubeArmor manifests to adhere to the principle of least privilege.
- Reference: Capabilities Required by KubeArmor
- Description: Leverage OCI hooks to capture container lifecycle events without relying on hostPID and hostNetwork.
- Reference: Leverage OCI Hooks for Container Events
For more detailed security enhancements, refer to the following document: