TF 0033 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki

Runs with a root primary or supplementary GID

| Property | Value |
| --- | --- |
| Language | terraform |
| Severity | low |

Description

Containers are configured to run with a primary or supplementary group ID (GID) of 0, which means they operate with root group privileges. This configuration violates pod security standards that require containers to avoid running with root group access.

Impact

If exploited, a container running with root group privileges could allow processes to access or modify sensitive system files and resources, increasing the risk of privilege escalation or lateral movement within the cluster. This weakens isolation and may expose the environment to further attacks.
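The misconfiguration this rule flags beside a corrected pod spec, as an added example written against the hashicorp/kubernetes provider's `kubernetes_pod` resource (not code from the rule or the project); the resource names, namespace and image are assumptions:

```terraform
# Added example; resource names, namespace and image are assumed placeholders.

# Flagged by TF 0033: the pod and its container both run with GID 0, and the
# pod additionally lists GID 0 as a supplementary group.
resource "kubernetes_pod" "flagged" {
  metadata {
    name      = "app-flagged"
    namespace = "example"
  }
  spec {
    security_context {
      run_as_group        = 0    # root primary GID
      supplemental_groups = [0]  # root supplementary GID
    }
    container {
      name  = "app"
      image = "example.invalid/app:1.0"
      security_context {
        run_as_group = 0         # container-level setting is also root
      }
    }
  }
}

# Passes: non-zero primary GID, no GID 0 among the supplementary groups, and
# run_as_non_root so the kubelet refuses to start the container as UID 0.
resource "kubernetes_pod" "hardened" {
  metadata {
    name      = "app-hardened"
    namespace = "example"
  }
  spec {
    security_context {
      run_as_user         = 10001
      run_as_group        = 10001
      fs_group            = 10001
      supplemental_groups = [10002]
      run_as_non_root     = true
    }
    container {
      name  = "app"
      image = "example.invalid/app:1.0"
      security_context {
        run_as_group = 10001     # matches the pod-level non-root GID
      }
    }
  }
}
```

Check both the pod-level `security_context` and every container-level `security_context`: a container-level `run_as_group` overrides the pod-level value, so a hardened pod block alone does not clear the finding.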