Awesome
Resources for The path less traveled: Abusing Kubernetes Defaults
Video here
This repo has all of the manifests and demo scripts used for this presentation.
The cluster was built using kind.sigs.k8s.io and run entirely from the presenter laptop.
You can run the setup.sh script to populate the images that will be used
Run all of the demo scripts from the root directory of this repo.
The k8s_root
and dind
demos do require that the laptop be running some linux distribution and docker.
For both of these examples we are joining the laptop to the kind cluster as a node.
Other resources:
- report a vuln k8s.io/security
- ask questions! slack.k8s.io #security and #sig-auth
- CVEs are announced as part of the announce google group
Any questions or feedback please reach out!