0

Let's say that a pod is compromised and has kubectl installed. It's in the same namespace as a persistent volume containing sensitive data. This persistent volume is only meant to be mounted by a different pod in that namespace. The attacker could deploy a new pod that mounts that volume, and access the sensitive information from there.

What are the ways to limit mounting that volume to only the intended pods? More generally, how can access to that volume be protected?

Tyler Camp
  • 177
  • 15
  • Can you explain in more detail, how a pod with kubectl access would get access to your sensitive data? by creating pods attaching the volume with sensitive data? – Rico Jan 14 '19 at 17:45
  • @Rico Yes, I'll clarify the original question – Tyler Camp Jan 14 '19 at 18:36
  • Did you try the scenario you described? Because by default a pod does not have permissions to to deploy new pods, kubectl or not. If it does, then it means you specifically configured it (or the cluster) to allow this. Also could you clarify, why are you worried about some different pod to become compromised and not worried about the pod that has access to the volume become compromised? From the information you've given it's equally likely, and in this case, no amount of securing the volume will help since the pod needs access to it to work. – Andrew Savinykh Jan 15 '19 at 02:37
  • @AndrewSavinykh I have not, though I intended to pose that situation as a general "malicious hacker gets access to a pod, how do I prevent them from accessing a sensitive volume". I didn't mean to limit it specifically to that case. So far it seems like a non-issue. In the case where they are able to gain access to the contents of a volume on a different pod, they'll probably have enough permissions where "securing" the volume is a non-starter. (Still learning k8s, so terms/assumptions might not be correct.) – Tyler Camp Jan 15 '19 at 17:52
  • @TylerCamp StackOverflow works the best for practical answerable question, that you face, not for some theoretical concerns. – Andrew Savinykh Jan 15 '19 at 19:15
  • @AndrewSavinykh I think it's safe to consider the question "how do I keep my data protected" to be practical and answerable, even though I'm not familiar enough with kubernetes to know an exact attack method. The presumed answer "it's not really an issue" will suffice. – Tyler Camp Jan 17 '19 at 14:50

0 Answers0