Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

investigate container immutability for kubernetes deployment #575

Closed
mmguero opened this issue Oct 1, 2024 · 1 comment
Closed

investigate container immutability for kubernetes deployment #575

mmguero opened this issue Oct 1, 2024 · 1 comment
Labels
cloud Relating to deployment of Malcolm in the cloud and/or with Kubernetes enhancement New feature or request security Related to issues with bearing on the security of Malcolm itself

Comments

@mmguero
Copy link
Collaborator

mmguero commented Oct 1, 2024

see securitycontext documentation:

  • readOnlyRootFilesystem

Basically from what I understand it just makes it so the container can't write to any location internally unless a bind volume mount.
@mmguero mmguero added enhancement New feature or request security Related to issues with bearing on the security of Malcolm itself cloud Relating to deployment of Malcolm in the cloud and/or with Kubernetes labels Oct 1, 2024
@mmguero mmguero added this to Malcolm Oct 1, 2024
@mmguero mmguero moved this to Todo (investigate) in Malcolm Oct 1, 2024
@mmguero
Copy link
Collaborator Author

mmguero commented Nov 4, 2024

Kamino closed and cloned this issue to cisagov/Malcolm

@mmguero mmguero mentioned this issue Nov 4, 2024
Open
@mmguero mmguero closed this as completed Nov 4, 2024
@github-project-automation github-project-automation bot moved this from Todo (investigate) to Done in Malcolm Nov 4, 2024
@mmguero mmguero moved this from Done to Migrated in Malcolm Nov 5, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
cloud Relating to deployment of Malcolm in the cloud and/or with Kubernetes enhancement New feature or request security Related to issues with bearing on the security of Malcolm itself
Projects
Malcolm
Status: Migrated
Milestone
No milestone
Development

No branches or pull requests
1 participant
@mmguero