-
Notifications
You must be signed in to change notification settings - Fork 187
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Minimum required RBAC for user to successfully sniff #37
Comments
Side note this tool is awesome. |
Hi @RevREB thanks for using ksniff, glad you liked it! I didn't check the minimum required permissions, I guess that the privileged mode requires higher permissions as it's creating new pod with access to the hosting node. The upload mode will probably require less permissions because it's only execute tcpdump on existing pod. In case you will have more detailed answer, it will be super helpful if you will update the project README with this information. Eldad. |
I'm still gonna dig into it later... but does this basically just exec into the pod and and run tcpdump and pipe the stdout back across the wire? |
Yeah, what you described is the "exec mode"
|
ok, ill play with RBAC this weekend and find the Lowest required perms. |
Closing for now, @RevREB if you did found the minimum required permissions, please open a pull request with your findings - thanks! |
I am wondering if you've done any tuning on figuring out what the minimum required RBAC permissions for a user would been to be to get a successful sniff.
The text was updated successfully, but these errors were encountered: