github/falco
1
0
Fork 0
mirror of https://github.com/falcosecurity/falco.git synced 2025-07-05 10:56:47 +00:00
Code Issues Projects Releases Wiki Activity

update k8s audit rule

Browse Source 
Signed-off-by: kaizhe <derek0405@gmail.com>
This commit is contained in:
kaizhe 2019-11-18 20:50:08 -08:00 committed by Leo Di Donato
parent 7c33fafe89
commit 6c9bce6f73
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
rules/k8s_audit_rules.yaml
View File

@ -124,7 +124,7 @@
- macro: sensitive_vol_mount - macro: sensitive_vol_mount
condition: > condition: >
(ka.req.pod.volumes.hostpath intersects (/proc, /var/run/docker.sock, /, /etc, /root, /var/run/crio/crio.sock, /home)) (ka.req.pod.volumes.hostpath intersects (/proc, /var/run/docker.sock, /, /etc, /root, /var/run/crio/crio.sock, /home/admin))
- rule: Create Sensitive Mount Pod - rule: Create Sensitive Mount Pod
desc: > desc: >