Workload misconfigurations

Kubernetes node’s Kube-Proxy configuration file owner is not root

Risk Level

Informational (4)

Platform(s)

  • N/A

Compliance Frameworks

Description

The kube-proxy kubeconfig file controls various parameters of the kube-proxy service in the worker node. Orca has detected that the kube-proxy's kubeconfig file owner on {K8sNode.Vm} is set to {Vm.K8sKubeProxyConfigs.ConfigFile.Group}:{Vm.K8sKubeProxyConfigs.ConfigFile.UserName}. The file should be owned by root:root.

  • Recommended Mitigation

    Consider setting {K8sNode}'s Kube-Proxy kubeconfig file owner to the root user.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.