C-0105 - Ensure that the admin.conf file ownership is set to root:root
Prerequisites
Run Kubescape with host sensor (see here)
Framework
cis-v1.23-t1.0.1
Severity
High
Description of the the issue
The admin.conf
file contains the admin credentials for the cluster. You should set its file ownership to maintain the integrity and confidentiality of the file. The file should be owned by root:root.
Related resources
What does this control test
Ensure that the admin.conf
file ownership is set to root:root
.
How to check it manually
Run the below command (based on the file location on your system) on the Control Plane node. For example,
stat -c %U:%G /etc/kubernetes/admin.conf
Verify that the ownership is set to root:root
.
Remediation
Run the below command (based on the file location on your system) on the Control Plane node. For example,
chown root:root /etc/kubernetes/admin.conf
Impact Statement
None.
Default Value
By default, admin.conf
file ownership is set to root:root
.
Example
No example
Updated 11 days ago