github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-06-27 07:07:23 +00:00
Code Issues Projects Releases Wiki Activity

rule update(Debugfs Launched in Privileged Container): fix typo in description

Browse Source 
Signed-off-by: Kaizhe Huang <khuang@aurora.tech>
This commit is contained in:
Kaizhe Huang 2021-05-22 00:19:02 +00:00 committed by poiana
parent da7279da1d
commit 09e1604fe0
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rules/falco_rules.yaml
View File

@ -3031,7 +3031,7 @@
tags: [filesystem, mitre_privilege_escalation] tags: [filesystem, mitre_privilege_escalation]
- rule: Debugfs Launched in Privileged Container - rule: Debugfs Launched in Privileged Container
desc: Detect file system debugger debugfs launched inside a privilegd container which might lead to container escape. desc: Detect file system debugger debugfs launched inside a privileged container which might lead to container escape.
condition: > condition: >
spawned_process and container spawned_process and container
and container.privileged=true and container.privileged=true