mirror of
https://github.com/aquasecurity/kube-bench.git
synced 2024-11-23 00:28:07 +00:00
Merge branch 'master' into doc-kubectl-host-pid
This commit is contained in:
commit
9f2899027e
@ -496,7 +496,7 @@ groups:
|
||||
remediation: |
|
||||
Edit the API server pod specification file $apiserverconf
|
||||
on the master node and set the below parameter.
|
||||
--tls-cipher- suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM _SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM _SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM _SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
--tls-cipher-suites=TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305,TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_256_GCM_SHA384,TLS_RSA_WITH_AES_128_GCM_SHA256
|
||||
scored: false
|
||||
|
||||
- id: 1.1.31
|
||||
@ -1422,7 +1422,7 @@ groups:
|
||||
scored: false
|
||||
|
||||
- id: 1.7.5
|
||||
text: " Do not admit containers with allowPrivilegeEscalation (Not Scored)"
|
||||
text: "Do not admit containers with allowPrivilegeEscalation (Not Scored)"
|
||||
type: "manual"
|
||||
remediation: |
|
||||
Create a PSP as described in the Kubernetes documentation, ensuring that the .spec.allowPrivilegeEscalation field is omitted or set to false.
|
||||
|
Loading…
Reference in New Issue
Block a user