mirror of
https://github.com/falcosecurity/falco.git
synced 2026-03-19 03:06:22 +00:00
* Let kubelet running loopback spawn shells

  Seen by @JPLachance, thanks for the heads up!

* Let docker's "exe" broadly write to files.

  As a part of some docker commands like "docker save", etc, the program exe can write from files on the host filesystem /var/lib/docker/... to a variety of files within the container.

  Allow this via a macro exe_running_docker_save that checks the commandline as well as the parent and use it as an exclusion for the write below binary dir/root/etc rules.

* Let chef perform more tasks

  - Let chef-client generally read sensitive files and write below /etc.
  - Let python running a chef script yum-dump.py write the rpm database.