using kubernetes' kubectl can execute arbitrary commands on pod such kubectl exec pod-id-here -c container-id -- malicious_command --steal=creditcards
should ever happen, need able pull log saying executed command , command executed. includes if decided run else running /bin/bash , stealing data through tty.
how see authenticated user executed command command executed?
audit logging not offered, kubernetes community is working available in 1.4 release, should come around end of september.
Comments
Post a Comment