mirror of
https://github.com/falcosecurity/falco.git
synced 2025-10-21 11:29:26 +00:00
c6169e1aaa
* Add sensitive mount of mouting to /var/lib/kubelet* * Fix GKE/Istio false positives - Allow kubectl to write below /root/.kube - Allow loopback/bridge (e.g. /home/kubernetes/bin/) to setns. - Let istio pilot-agent write to /etc/istio. - Let google_accounts(_daemon) write user .ssh files. - Add /health as an allowed file below /. This fixes https://github.com/falcosecurity/falco/issues/439. * Improve ufw/cloud-init exceptions Tie them to both the program and the file being written. Also move the cloud-init exception to monitored_directory.