update k8s audit rule

Signed-off-by: kaizhe <derek0405@gmail.com>
This commit is contained in:
kaizhe 2019-11-18 20:50:08 -08:00 committed by Leo Di Donato
parent 7c33fafe89
commit 6c9bce6f73

View File

@ -124,7 +124,7 @@
- macro: sensitive_vol_mount
condition: >
(ka.req.pod.volumes.hostpath intersects (/proc, /var/run/docker.sock, /, /etc, /root, /var/run/crio/crio.sock, /home))
(ka.req.pod.volumes.hostpath intersects (/proc, /var/run/docker.sock, /, /etc, /root, /var/run/crio/crio.sock, /home/admin))
- rule: Create Sensitive Mount Pod
desc: >