[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Security implications of "runAsUser: type: RunAsAny"



Oops, typed too fast:

    oadm policy add-scc-to-user anyuid -z SERVICE_ACCOUNT_IN_NAMESPACE

On Tue, Nov 17, 2015 at 11:09 AM, Philippe Lafoucrière
<philippe lafoucriere tech-angels com> wrote:
> *** WARNING: THE ATTACHED DOCUMENT(S) CONTAIN MACROS ***
> *** MACROS MAY CONTAIN MALICIOUS CODE ***
> *** Open only if you can verify and trust the sender ***
> *** Please contact infosec redhat com if you have questions or concerns **
>
>
> On Tue, Nov 17, 2015 at 11:00 AM, Clayton Coleman <ccoleman redhat com> wrote:
>>
>> You can also set the net bind capability in your image and then
>> regular users can bind to 80.
>
>
> The port really doesn't matter. The issue is the filesystem permissions :(
>
>


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]