Skip to content

Commit

Permalink
(fix): Changed PreventExecFrpolicy from file to process (#208)
Browse files Browse the repository at this point in the history 
* changed policy from file to process
  • Loading branch information
@VedRatan
VedRatan authored Jul 3, 2024
1 parent 7f7a00e commit fc1b2c5
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions pkg/adapter/nimbus-kubearmor/processor/kspbuilder.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -268,8 +268,8 @@ func disallowChRoot() kubearmorv1.KubeArmorPolicy {
func disallowBinaries() kubearmorv1.KubeArmorPolicy { // ref: https://www.tenable.com/audits/items/search?q=noexec&sort=&page=1
return kubearmorv1.KubeArmorPolicy{
Spec: kubearmorv1.KubeArmorPolicySpec{
File: kubearmorv1.FileType{
MatchDirectories: []kubearmorv1.FileDirectoryType{
Process: kubearmorv1.ProcessType{
MatchDirectories: []kubearmorv1.ProcessDirectoryType{
{
Directory: "/var/tmp/",
Recursive: true,
Expand Down

0 comments on commit fc1b2c5

Please sign in to comment.