[bitnami/kafka] /usr/sbin has Owner and Group Writable permissions #67229
Comments
pushkargr
added
the
tech-issues
javsalgar
changed the title
|
Hi @pushkargr, Thank you for taking the time to create this support ticket. Due to security reasons, the Bitnami Kafka container is a non-root container and that brings several improvements Please note that if a malicious user/process gets root privileges, it can also modify the permissions of the whole file system and perform any action. However, if you think that the security of the container can be improved, you can follow our contributing guidelines and propose any change you find relevant. Thanks |
|
This Issue has been automatically marked as "stale" because it has not had recent activity (for 15 days). It will be closed if no further activity occurs. Thanks for the feedback. |
|
Due to the lack of activity in the last 5 days since it was marked as "stale", we proceed to close this Issue. Do not hesitate to reopen it later if necessary. |
Name and Version
bitnami/kafka:3.6.1-debian-11-r0
What architecture are you using?
amd64
What steps will reproduce the bug?
Run the following command,
docker run --rm --entrypoint=bash docker.io/bitnami/kafka:3.6.1-debian-11-r0 -c "ls -lrt /usr"What is the expected behavior?
/usr/sbin file should not be writable as it contains binaries which are
frequently executed by the system with high privileges. A malicious user can
modify the binaries in /usr/sbin and run malicious code/command with root
privileges.
What do you see instead?
sbindirectory hasdrwxrwxr-xpermissionAdditional information
No response
The text was updated successfully, but these errors were encountered: