mirror of
https://github.com/falcosecurity/falco.git
synced 2025-09-28 13:47:50 +00:00
* Add additional rpm writing programs rhn_check, yumdb.

* Add 11-dhclient as a dhcp binary

* Let runuser read below pam

  It reads those files to check permissions.

* Let chef write to /root/.chef*

  Some deployments write directly below /root.

* Refactor openshift privileged images

  Rework how openshift images are handled:

  Many customers deploy to a private registry, which would normally involve duplicating the image list for the new registry. Now, split the image prefix search (e.g. <host>/openshift3) from the check of the image name. The prefix search is in allowed_openshift_registry_root, and can be easily overridden to add a new private registry hostname. The image list check is in openshift_image, is conditioned on allowed_openshift_registry_root, and does a contains search instead of a prefix match.

  Also try to get a more comprehensive set of possible openshift3 images, using online docs as a guide.

* Also let sdchecks directly setns

  A new macro python_running_sdchecks is similar to parent_python_running_sdchecks but works on the process itself. Add this as an exception to Change thread namespace.
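
The registry/image split described in the commit message, sketched as Falco rules. This is an added illustration, not the rules from this commit: the two image names and the hostname `registry.example.internal` are assumptions chosen for the example, and the conditions are abbreviated.

```yaml
# --- default rules file (illustrative, abbreviated) ---

# Where OpenShift images are allowed to come from. Prefix match only,
# so the registry host and the openshift3/ root are both pinned.
- macro: allowed_openshift_registry_root
  condition: >
    (container.image.repository startswith "openshift3/" or
     container.image.repository startswith "registry.access.redhat.com/openshift3/")

# Which image names count as OpenShift images. The contains search is
# only meaningful because it is gated on the registry-root macro above.
# Image names here are assumed examples, not the commit's full list.
- macro: openshift_image
  condition: >
    (allowed_openshift_registry_root and
     (container.image.repository contains "/ose-haproxy-router" or
      container.image.repository contains "/ose-docker-builder"))

# --- local rules file, loaded after the defaults ---

# Redefining the macro replaces the default, so the private registry is
# added once here and the image list in openshift_image is not duplicated.
# registry.example.internal is a constructed hostname.
- macro: allowed_openshift_registry_root
  condition: >
    (container.image.repository startswith "openshift3/" or
     container.image.repository startswith "registry.access.redhat.com/openshift3/" or
     container.image.repository startswith "registry.example.internal/openshift3/")
```

When overriding the root macro, keep each entry a full `host/openshift3/` prefix with the trailing slash: because the image check is a contains search, a loose prefix would let any repository under that host whose path includes one of the listed names be treated as a trusted privileged image.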