PodLock: restrict process execution and file access in Kubernetes Pods with Landlock
a project by flavio_castelli
Updated about 1 hour ago. No love. 1 follower.

Description

Use the landlock Linux Security Module (LSM) to sandbox processes running inside of a Kubernetes Pod.

Goals

Allow users to define which binaries a process is allowed to execute once started within a protected Pod. Moreover, allow user to specify which directories and files the process will have access to, along with the permitted access mode.

Resources

Join this project

Looking for hackers with the skills:

Nothing? Add some keywords!

This project is part of:

Hack Week 25

Activity

  • about 1 hour ago: flavio_castelli started this project.
  • about 1 hour ago: flavio_castelli originated this project.


    • Comments

    Be the first to comment!

    Similar Projects

    This project is one of its kind!