You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Issue: Privilege Escalation from Node Proxy in Promtail
We encountered the following security audit issue for Promtail: Cluster Roles allow privilege escalation from node proxy
Currently, the access to the nodes/proxy resource via in clusterrole is hard-coded in the helm-chart - charts/promtail/templates/clusterrole.yaml file.
Questions:
Does Promtail have a dependency on the nodes/proxy resource?
Is it possible to bypass or remove access to nodes/proxy in Cluster role without impacting Promtail's functionality?
The text was updated successfully, but these errors were encountered:
Issue: Privilege Escalation from Node Proxy in Promtail
We encountered the following security audit issue for Promtail:
Cluster Roles allow privilege escalation from node proxyCurrently, the access to the nodes/proxy resource via in clusterrole is hard-coded in the helm-chart -
charts/promtail/templates/clusterrole.yamlfile.Questions:
Does Promtail have a dependency on the nodes/proxy resource?
Is it possible to bypass or remove access to nodes/proxy in Cluster role without impacting Promtail's functionality?
The text was updated successfully, but these errors were encountered: