Kubernetes Security Audit Open Sourced
Written by Kay Ewbank   
Tuesday, 20 August 2019

A security audit of Kubernetes has been made available in an open source format. The project  reviewed the security of Kubernetes, and produced a threat model alongside the security review.

This is the latest and largest security audit undertaken on behalf of the Cloud Native Computing Foundation (CNCF). Last year it audited CoreDNS, Envoy and Prometheus, made the audits public, and has since seen core maintainers for the three projects address the vulnerabilities identified.

kubernetes

The audit was undertaken by CNCF's Third Party Security Audit Working Group, Trail of Bits and Atredis Partners, and looked at a number of Kubernetes components across six control families:

  • Networking
  • Cryptography
  • Authentication
  • Authorization
  • Secrets Management
  • Multi-tenancy 

CNCF says that as Kubernetes itself is a large system, with functionality spanning from API gateways to container orchestration to networking and beyond, this audit concentrated on eight components within the larger Kubernetes ecosystem for evaluation in the threat model: 

  • Kube-apiserver
  • Etcd
  • Kube-scheduler
  • Kube-controller-manager
  • Cloud-controller-manager
  • Kubelet
  • Kube-proxy
  • Container Runtime

Some of the main findings in the report (which can be downloaded from GitHub) are that security policies may not be applied, leading to a false sense of security by users. Insecure TLS is in use by default, and credentials are exposed in environment variables and command-line arguments. 

Other problems include the leaking in logs of the names of secrets; no revocation of certificates, and the fact that seccomp is not enabled by default. Of the security vulnerabilities discovered, half of the most severe have already been updated in the most recent release of Kubernetes.

For the moment (and until the problems identified in the audit are corrected), the recommendation is that cluster administrators use attribute based access controls rather than relying on role based access controls. Where role based access controls (RBAC) are necessary, administrators should ensure they follow RBAC best practices.

Kubernetes developers are advised to avoid hardcoding paths to dependencies, and to carry out file permissions checking. Processes on Linux should be monitored, and processes should moved to a cgroup.

The report makes interesting reading for anyone thinking about securing systems, as does the accompanying 50 page threat model document.

kubernetes

 

More Information

Kubernetes Security Audit Report On GitHub

Cloud Native Computing Foundation

Related Articles

Red Hat Launches Quarkus For Kubernetes-Native Apps

Instaclustr Releases Cassandra Tools

GitLab Adds Auto DevOps

 

 

To be informed about new articles on I Programmer, sign up for our weekly newsletter, subscribe to the RSS feed and follow us on Twitter, Facebook or Linkedin.

Banner

C Resumes Second Place In TIOBE Index
08/10/2025

The TIOBE index for October is out and C has overtaken  to regain the coveted second place in the ranking. What is it about C that makes it so special and can it continue to be as important a lan [ ... ]


+ Full Story
AI Champion Ship Now Open
07/11/2025

The AI Champion Ship is now underway, with a month to go before entries close. The organizers describe it as a global competition for builders, dreamers, and tinkerers who want to push AI beyond the o [ ... ]


+ Full Story
More News

pico book

 

Comments




or email your comment to: comments@i-programmer.info
Last Updated ( Tuesday, 20 August 2019 )