Affected by GO-2022-0617
and 19 other vulnerabilities
GO-2022-0617 : WITHDRAWN: Potential proxy IP restriction bypass in Kubernetes in k8s.io/kubernetes
GO-2022-0703 : XML Entity Expansion and Improper Input Validation in Kubernetes API server in k8s.io/kubernetes
GO-2022-0802 : Kubernetes kubectl cp Vulnerable to Symlink Attack in k8s.io/kubernetes
GO-2022-0867 : Allocation of Resources Without Limits or Throttling and Uncontrolled Memory Allocation in Kubernetes in k8s.io/kubernetes
GO-2022-0885 : Improper Authentication in Kubernetes in k8s.io/kubernetes
GO-2022-0890 : Server Side Request Forgery (SSRF) in Kubernetes in k8s.io/kubernetes
GO-2022-0907 : Access Restriction Bypass in kube-apiserver in k8s.io/kubernetes
GO-2022-0910 : Files or Directories Accessible to External Parties in kubernetes in k8s.io/kubernetes
GO-2022-0983 : kubectl ANSI escape characters not filtered in k8s.io/kubernetes
GO-2023-1864 : Kubelet vulnerable to bypass of seccomp profile enforcement in k8s.io/kubernetes
GO-2023-1891 : kube-apiserver vulnerable to policy bypass in k8s.io/kubernetes
GO-2023-1892 : Kubernetes mountable secrets policy bypass in k8s.io/kubernetes
GO-2023-2159 : Kube-proxy may unintentionally forward traffic in k8s.io/kubernetes
GO-2023-2341 : Kubernetes Improper Input Validation vulnerability in k8s.io/kubernetes
GO-2024-2748 : Privilege Escalation in Kubernetes in k8s.io/apimachinery
GO-2024-2753 : Denial of service in Kubernetes in k8s.io/kubernetes
GO-2024-2754 : Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes
GO-2024-2755 : Sensitive Information leak via Log File in Kubernetes in k8s.io/kubernetes
GO-2024-2994 : Kubernetes sets incorrect permissions on Windows containers logs in k8s.io/kubernetes
GO-2024-3277 : Kubernetes Nil pointer dereference in KCM after v1 HPA patch request in k8s.io/kubernetes
Discover Packages
k8s.io/kubernetes
pkg
util
selinux
package
Version:
v1.15.3
Opens a new window with list of versions in this module.
Published: Aug 16, 2019
License: Apache-2.0
Opens a new window with license information.
Imports: 1
Opens a new window with list of imports.
Imported by: 0
Opens a new window with list of known importers.
Documentation
Documentation
¶
Rendered for
linux/amd64
windows/amd64
darwin/amd64
js/wasm
Package selinux contains wrapper functions for the libcontainer SELinux
package. A NOP implementation is provided for non-linux platforms.
func SELinuxEnabled() bool
SELinuxEnabled returns whether SELinux is enabled on the system. SELinux
has a tri-state:
disabled: SELinux Kernel modules not loaded, SELinux policy is not
checked during Kernel MAC checks
enforcing: Enabled; SELinux policy violations are denied and logged
in the audit log
permissive: Enabled, but SELinux policy violations are permitted and
logged in the audit log
SELinuxEnabled returns true if SELinux is enforcing or permissive, and
false if it is disabled.
SetFileLabel applies the SELinux label on the path or returns an error.
Note: the libcontainer SELinux package is only built for Linux, so it is
necessary to have a NOP wrapper which is built for non-Linux platforms to
allow code that links to this package not to differentiate its own methods
for Linux and non-Linux platforms.
SELinuxRunner wraps certain libcontainer SELinux calls. For more
information, see:
https://github.com/opencontainers/runc/blob/master/libcontainer/selinux/selinux.go
NewSELinuxRunner returns a new SELinuxRunner appropriate for the platform.
On Linux, all methods short-circuit and return NOP values if SELinux is
disabled. On non-Linux platforms, a NOP implementation is returned.
Source Files
¶
Click to show internal directories.
Click to hide internal directories.