Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Globbing in rules enforced by BPFLSM #1900

Open
vholer opened this issue Nov 21, 2024 · 1 comment
Open

Globbing in rules enforced by BPFLSM #1900

vholer opened this issue Nov 21, 2024 · 1 comment
Labels
bug Something isn't working

Comments

@vholer
Copy link

vholer commented Nov 21, 2024
edited
Loading

Bug Report

Some example Policies are using wildcards in places, where it's not documented, e.g.: https://docs.kubearmor.io/kubearmor/use-cases/hardening#logs-delete in path within file.matchPaths. I have tested that with BPF-LSM and wildcard character (*) is not evaluated, it's considered as a part of path.

Not sure if this should work at least with AppArmor, but maybe documentation should be more specific about it.

I see an old unresolved discussion about globbing with eBPF (#448)...
@vholer vholer added the bug Something isn't working label Nov 21, 2024
@daemon1024
Copy link
Member

We definetely dont support glob patterns in BPFLSM.
We have it documented in Wiki - https://github.com/kubearmor/KubeArmor/wiki/Enforcer-Feature-Parity
But I agree we should keep it somewhere more prominant.

Meta Issue tracker for now #795

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@vholer @daemon1024