Skip to content

Commit

Permalink
Add sensitive mount of mouting to /var/lib/kubelet*
Browse files Browse the repository at this point in the history
  • Loading branch information
Kaizhe authored and mstemm committed Nov 9, 2018
1 parent 896e390 commit 9871712
Showing 1 changed file with 1 addition and 0 deletions.
1 change: 1 addition & 0 deletions rules/falco_rules.yaml
Original file line number Diff line number Diff line change
Expand Up @@ -1387,6 +1387,7 @@
- macro: sensitive_mount
condition: (container.mount.dest[/proc*] != "N/A" or
container.mount.dest[/var/run/docker.sock] != "N/A" or
container.mount.dest[/var/lib/kubelet*] != "N/A" or
container.mount.dest[/] != "N/A" or
container.mount.dest[/etc] != "N/A" or
container.mount.dest[/root*] != "N/A")
Expand Down

0 comments on commit 9871712

Please sign in to comment.