You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When trying to limit process execution in matchPaths in BPF-LSM, the execname does NOT work if also parent process is specified via fromSource. Without parent process (just execname), it works. If a command is specified instead as an absolute path, both combinations (without and with fromSource) work as expected.
So the only misbehaviour is execname + fromSource.
Bug Report
When trying to limit process execution in
matchPaths
in BPF-LSM, theexecname
does NOT work if also parent process is specified viafromSource
. Without parent process (justexecname
), it works. If a command is specified instead as an absolutepath
, both combinations (without and withfromSource
) work as expected.So the only misbehaviour is
execname
+fromSource
.General Information
Environment description (GKE, VM-Kubeadm, vagrant-dev-env, minikube, microk8s, ...)
EKS
Kernel version (run
uname -a
)6.1.115-126.197.amzn2023.x86_64
Orchestration system version in use (e.g.
kubectl version
, ...)KubeArmor version:
kubearmor/kubearmor-operator:v1.4.3
Link to relevant artifacts (policies, deployments scripts, ...)
To Reproduce
app.kubernetes.io/component=www
bash
Execution of
curl
fails!Execution of
curl
now proceeds.Obviously there is some inconsitency when evaluating curl execution with
fromSource
betweenexecname
andpath
.Expected behavior
When
curl
is allowed to run viaexecname
withfromSource
, it should allow running a process, but does not.The text was updated successfully, but these errors were encountered: