Skip to content

Volumes are created in container with root ownership and strict permissions #2630

New issue
New issue
Closed
Closed
Volumes are created in container with root ownership and strict permissions#2630
Labels
area/securityarea/usabilitykind/cleanupCategorizes issue or PR as related to cleaning up code, process, or technical debt.kind/featureCategorizes issue or PR as related to a new feature.priority/important-soonMust be staffed and worked on either currently, or very soon, ideally in time for the next release.sig/nodeCategorizes an issue or PR as relevant to SIG Node.sig/storageCategorizes an issue or PR as relevant to SIG Storage.
Milestone
 
next-candidate
@carlossg

Description

@carlossg
carlossg
opened on Nov 26, 2014

The emptyDir volumeMount is owned by root:root and permissions set to 750
hostDir is the same but with 755 permissions

Containers running with a non-root USER can't access the volumes

Related discussion at https://groups.google.com/forum/#!topic/google-containers/D5NdjKFs6Cc
and Docker issue moby/moby#9360

Metadata

Metadata

Assignees

No one assigned

    Labels

    area/securityarea/usabilitykind/cleanupCategorizes issue or PR as related to cleaning up code, process, or technical debt.kind/featureCategorizes issue or PR as related to a new feature.priority/important-soonMust be staffed and worked on either currently, or very soon, ideally in time for the next release.sig/nodeCategorizes an issue or PR as relevant to SIG Node.sig/storageCategorizes an issue or PR as relevant to SIG Storage.

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions