Uploaded image for project: 'ZABBIX BUGS AND ISSUES'
  1. ZABBIX BUGS AND ISSUES
  2. ZBX-19863

The default flag "allow_privileged: true" in the zabbix agents operator instance yaml file should be false.

    XMLWordPrintable

Details

    • Defect (Security)
    • Status: Need info
    • Trivial
    • Resolution: Unresolved
    • None
    • None
    • Agent (G), Templates (T)
    • None
    • DEV, PROD
    • 3

    Description

      Steps to reproduce:

      Deploy the Zabbix operator agent instance using the default yaml file

      Result:
      **
      The below value in the zabbix operator instance yaml is 'true' by default which enables the zabbix agent pods to run with root privileges and is flagged as a big security risk. 
      allow_privileged: true
       
      Expected:
      The bug/feature request would be that the value should be hard coded as 'false' so that the user is not able to change it to 'true' thus avoiding the mentioned security risk.
      allow_privileged: false

      Attachments

        Activity

          People

            neogan Andrei Gushchin
            SarangKher Sarang Kher
            Votes:
            0 Vote for this issue
            Watchers:
            2 Start watching this issue

            Dates

              Created:
              Updated: