nuclei-templates/cloud/kubernetes/pods/k8s-containers-share-host-i...

id: k8s-containers-share-host-ipc

info:
  name: Containers sharing host IPC namespace
  author: princechaddha
  severity: critical
  description: Checks if any containers in Kubernetes Pods are configured to share the host's IPC namespace, which can lead to security risks.
  impact: |
    Sharing the host's IPC namespace allows containers to access data across all containers on the same host, posing potential security risks.
  remediation: Ensure that no container in Kubernetes Pods is set to share the host IPC namespace. Configure 'spec.hostIPC' to 'false' for all pods to isolate IPC namespaces.
  reference:
    - https://kubernetes.io/docs/tasks/configure-pod-container/security-context/
  tags: cloud,devops,kubernetes,k8s,devsecops,pods,k8s-cluster-security

flow: |
  code(1);
  for (let pod of template.items) {
    set("pod",pod)
    javascript(1);
  }

self-contained: true
code:
  - engine:
      - sh
      - bash
    source: kubectl get pods --all-namespaces --output=json
    extractors:
      - type: json
        name: items
        internal: true
        json:
          - '.items[]'

javascript:
  - code: |
        pod = JSON.parse(template.pod);
        if (pod.spec.hostIPC) {
          let result = (`Pod '${pod.metadata.name}' in namespace '${pod.metadata.namespace}' is configured to share the host IPC namespace.`);
          Export(result);
        }

    extractors:
      - type: dsl
        dsl:
          - response
# digest: 4b0a004830460221008e39125e4e88cd6fdf4a7a42cb65ed28ad966f3e82c707981a3a9b61eda975ee022100b7740c6607e3cd3abc78a7ce0787b992b3a7c2a1982f98696000b083db97e7f8:922c64590222798bb761d5b6d8e72950
k8s templates 🚀 2024-05-26 04:52:23 +00:00			`id: k8s-containers-share-host-ipc`

			`info:`
			`name: Containers sharing host IPC namespace`
			`author: princechaddha`
			`severity: critical`
			`description: Checks if any containers in Kubernetes Pods are configured to share the host's IPC namespace, which can lead to security risks.`
			`impact: \|`
			`Sharing the host's IPC namespace allows containers to access data across all containers on the same host, posing potential security risks.`
fixed lint error 🛠️ 2024-05-26 04:58:13 +00:00			`remediation: Ensure that no container in Kubernetes Pods is set to share the host IPC namespace. Configure 'spec.hostIPC' to 'false' for all pods to isolate IPC namespaces.`
k8s templates 🚀 2024-05-26 04:52:23 +00:00			`reference:`
			`- https://kubernetes.io/docs/tasks/configure-pod-container/security-context/`
added kubernetes cluster security profile 2024-06-18 12:04:45 +00:00			`tags: cloud,devops,kubernetes,k8s,devsecops,pods,k8s-cluster-security`
k8s templates 🚀 2024-05-26 04:52:23 +00:00
			`flow: \|`
			`code(1);`
			`for (let pod of template.items) {`
			`set("pod",pod)`
			`javascript(1);`
			`}`

			`self-contained: true`
			`code:`
			`- engine:`
			`- sh`
			`- bash`
			`source: kubectl get pods --all-namespaces --output=json`
			`extractors:`
			`- type: json`
			`name: items`
			`internal: true`
			`json:`
			`- '.items[]'`

			`javascript:`
			`- code: \|`
			`pod = JSON.parse(template.pod);`
			`if (pod.spec.hostIPC) {`
			let result = (`Pod '${pod.metadata.name}' in namespace '${pod.metadata.namespace}' is configured to share the host IPC namespace.`);
			`Export(result);`
			`}`

			`extractors:`
			`- type: dsl`
			`dsl:`
			`- response`
Auto Template Signing [Tue Jun 25 11:14:32 UTC 2024] :robot: 2024-06-25 11:14:32 +00:00			`# digest: 4b0a004830460221008e39125e4e88cd6fdf4a7a42cb65ed28ad966f3e82c707981a3a9b61eda975ee022100b7740c6607e3cd3abc78a7ce0787b992b3a7c2a1982f98696000b083db97e7f8:922c64590222798bb761d5b6d8e72950`