Details
-
Defect (Security)
-
Resolution: Won't fix
-
Trivial
-
None
-
None
-
None
-
DEV, PROD
-
3
Description
Steps to reproduce:
Deploy the Zabbix operator agent instance using the default yaml file
Result:
**
The below value in the zabbix operator instance yaml is 'true' by default which enables the zabbix agent pods to run with root privileges and is flagged as a big security risk.
allow_privileged: true
Expected:
The bug/feature request would be that the value should be hard coded as 'false' so that the user is not able to change it to 'true' thus avoiding the mentioned security risk.
allow_privileged: false