Create rule S6865: Service account tokens should not be mounted in pods #3505
Conversation
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?s=60&v=4){kind=small}
|
|
||
| //=== Articles & blog posts | ||
| //=== Conference presentations | ||
| //=== Standards |
There was a problem hiding this comment.
Maybe add a CWE such as CWE-306 Missing Authentication for Critical Function
There was a problem hiding this comment.
Mhh I do not think that CWE-306 is applicable here.
There was a problem hiding this comment.
I made this suggestion based on this CVE: https://nvd.nist.gov/vuln/detail/CVE-2021-41266
There was a problem hiding this comment.
Thanks for the additional clarification. I agree with you and I have created a follow up PR: #3516
Maybe you can review it.
rules/S6865/kubernetes/rule.adoc
Outdated
| @@ -0,0 +1,118 @@ | |||
| Service account tokens should not be mounted in pods | |||
There was a problem hiding this comment.
Add a point at the end of the sentence.
There was a problem hiding this comment.
Actually I will remove this sentence since it is just duplicating the title.
|
|
daniel-teuchert-sonarsource
changed the title
You can preview this rule here (updated a few minutes after each push).
Review
A dedicated reviewer checked the rule description successfully for: