Best practices

API server pod specification file ownership is not set to root:root

Platform(s)

  • N/A

Compliance Frameworks

Description

It was found that the API server pod specification file's owner is not set to root. Setting the file's owner to a low privileged user allows the modification of the file by this user and expose the configuration file to unwanted modification.
Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.