Property
Language: terraform
Severity: critical

Description

The Kubernetes admin configuration file (/etc/kubernetes/admin.conf) is not owned by root:root, allowing unauthorized users to potentially access or modify sensitive cluster credentials. This misconfiguration weakens the security of the Kubernetes control plane.

Impact

If exploited, unauthorized users could gain administrative access to the Kubernetes cluster, enabling them to control workloads, access secrets, or disrupt services, potentially resulting in a full cluster compromise.

Resolution

Change the ownership of the admin config file /etc/kubernetes/admin.conf to root:root.
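
One way to audit and apply this resolution on a control plane node, as an added example that is not part of the original rule. It assumes GNU coreutils `stat`; the function names `check_owner` and `fix_owner` and the `ADMIN_CONF` variable are hypothetical.

```shell
#!/usr/bin/env bash
# Added example: audit and remediate ownership of the Kubernetes admin config.
# Assumption: GNU coreutils stat (Linux). Function names are illustrative.

ADMIN_CONF="${ADMIN_CONF:-/etc/kubernetes/admin.conf}"

# check_owner FILE [EXPECTED_UID:GID]
# Returns 0 when the owner matches, 1 on a mismatch, 2 when the file is absent.
# Numeric IDs are compared (root:root is 0:0) so the result does not depend
# on passwd/group name resolution on the node.
check_owner() {
    local file="$1" expected="${2:-0:0}" actual
    if [ ! -e "$file" ]; then
        echo "SKIP: $file not found (not a control plane node?)"
        return 2
    fi
    # stat without -L reports on the path itself, not a symlink target
    actual="$(stat -c '%u:%g' "$file")" || return 2
    if [ "$actual" = "$expected" ]; then
        echo "PASS: $file is owned by $actual"
        return 0
    fi
    echo "FAIL: $file is owned by $actual, expected $expected"
    return 1
}

# fix_owner FILE
# Sets root:root and re-runs the check. Must be run as root.
fix_owner() {
    local file="$1"
    # -h changes a symlink itself instead of following it to another file
    chown -h root:root "$file" && check_owner "$file" 0:0
}

# Usage on a control plane node (remediate only on a real mismatch):
#   check_owner "$ADMIN_CONF"; [ $? -eq 1 ] && fix_owner "$ADMIN_CONF"
```

The distinct return code for a missing file keeps worker nodes, which have no admin.conf, from being reported as failures or passed to `chown`.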