From the course: Certified Kubernetes Security Specialist (CKS) Cert Prep

Unlock this course with a free trial

Join today to access over 25,300 courses taught by industry experts.

Testing kernel security

Testing kernel security - Kubernetes Tutorial

From the course: Certified Kubernetes Security Specialist (CKS) Cert Prep

Start my 1-month free trial Buy for my team

Testing kernel security

- [Instructor] This lesson is all about trying to test kernel security to be able to make sure that we are properly protected and that the configurations we've had in place are working the way that we expect. First thing we have to do is we have to take a look and make sure that AppArmor is on. So I'm going to do a sudo AppArmor status and then that is showing us that we do have some basic AppArmor modules and profiles are set up and everything is configured and working. Now from here I'm going to go ahead and create a simple little AppArmor profile. And the idea behind this is just so that we can have something to be able to inspect and that of course is going to allow us to be able to hopefully be able to troubleshoot that. So the commands that I'm going to enter here, you've seen this before, it's the deny write temp command that we did in the previous lessons. This is going to allow us to be able to then block anything that's going to be trying to write to the temp directory. So…

Contents