You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Need to implement attack paths that leverage the bind verb.
This would require computing what the resultant permissions would be, and how we would integrate that into the graph.
escalate could easily grant all verbs, so we just assumed full access to other resources, however the same cannot be said with bind where we are limited by the verbs specified in the role.
Would also need to account for scope, ie cluster-wide or namespaced.
The text was updated successfully, but these errors were encountered:
Need to implement attack paths that leverage the
bindverb.This would require computing what the resultant permissions would be, and how we would integrate that into the graph.
escalatecould easily grant all verbs, so we just assumed full access to other resources, however the same cannot be said withbindwhere we are limited by the verbs specified in the role.Would also need to account for scope, ie cluster-wide or namespaced.
The text was updated successfully, but these errors were encountered: