Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Prevent Execution from tmp / log folders : Exploit Public facing applications #80

Closed
nandhued opened this issue Mar 18, 2024 · 1 comment · Fixed by #120
Closed

Prevent Execution from tmp / log folders : Exploit Public facing applications #80

nandhued opened this issue Mar 18, 2024 · 1 comment · Fixed by #120
Assignees
@VedRatan
Labels
Intent Intents configure/driver adapters
Milestone
5/31/24

Comments

@nandhued
Copy link

nandhued commented Mar 18, 2024
edited by shivaccuknox
Loading

Protecting system folder; /tmp; this should take care of most of the attacks as the attack binaries are loaded into these folders

Do not allow binary execution from a list of folders.

The intent is implemented by the KubeArmor adapter
@nandhued nandhued added this to the Mar 30th, 2024 milestone Mar 18, 2024
@nandhued nandhued removed this from the Mar 30th, 2024 milestone Mar 28, 2024
@shivaccuknox shivaccuknox added this to the 5/31/24 milestone Apr 26, 2024
@shivaccuknox shivaccuknox changed the title KubeArmor adapter: Exploit Public facing applications Protecting System Folder: Exploit Public facing applications May 21, 2024
@shivaccuknox shivaccuknox added the Intent Intents configure/driver adapters label May 21, 2024
@shivaccuknox shivaccuknox changed the title Protecting System Folder: Exploit Public facing applications Prevent Exploits from running: Exploit Public facing applications May 21, 2024
@VedRatan VedRatan mentioned this issue May 23, 2024
Merged
7 tasks
@shivaccuknox shivaccuknox changed the title Prevent Exploits from running: Exploit Public facing applications Prevent Execution from Folders : Exploit Public facing applications May 24, 2024
@shivaccuknox shivaccuknox changed the title Prevent Execution from Folders : Exploit Public facing applications Prevent Execution from tmp / log folders : Exploit Public facing applications May 24, 2024
@nandhued
Copy link
Author

Reference:
kubearmor/policy-templates#1049
https://www.tenable.com/audits/items/search?q=noexec&sort=&page=1

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@VedRatan VedRatan

Labels
Intent Intents configure/driver adapters
Projects
NIMBUS
Status: ✅ Done
Milestone
5/31/24
Development

Successfully merging a pull request may close this issue.

[feat]: added exploit pfa intent VedRatan/nimbus
3 participants
@nandhued @VedRatan @shivaccuknox