January 9, 2020

How Symlinks Pwned Kubernetes (And How We Fixed It)

Talk Title: How Symlinks Pwned Kubernetes (And How We Fixed It)
Speakers: Michelle Au (Software Engineer, Google), Jan Šafránek (Principal Software Engineer, Red Hat)
Conference: KubeCon + CloudNativeCon North America
Location: Seattle, WA, USA
Date: Dec 9-14, 2018

Ever wonder how Kubernetes deals with security vulnerabilities? This talk illustrates the process by walking through the discovery, patching, and disclosure of CVE-2017-1002101. In Nov 2017, we received a report about how misusing the volume subpath feature could result in access to host files. A team was assembled to investigate the vulnerability, develop a patch, and release it to all supported versions of Kubernetes – ALL in secret. As we walk through the story from discovery to disclosure, we will also deep dive into the technical details of how this feature allowed a container to escape to the host filesystem, and how it was fixed. You will walk away with techniques for secure file handling in multi-tenant environments, best practices for restricting volume access in your Kubernetes clusters, and an understanding of how a large open source project manages security issues.
