Bug 1255536 - OpenShift3: SecurityContextConstraints name reuse leading to privilege escalation
Summary: OpenShift3: SecurityContextConstraints name reuse leading to privilege escala...
Keywords:
Status: CLOSED NOTABUG
Alias: None
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1255338
Blocks: 1255539
TreeView+ depends on / blocked
 
Reported: 2015-08-20 20:44 UTC by Kurt Seifried
Modified: 2019-09-29 13:36 UTC (History)
11 users (show)

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2015-09-10 18:17:58 UTC
Embargoed:

Attachments (Terms of Use)

Description Kurt Seifried 2015-08-20 20:44:03 UTC 
Aleksandar Kostadinov of Red Hat reports:

In OpenShift v3 you can create a SCC (SecurityContextConstraints) to allow 
privileged docker containers in a project. If that project is later deleted the 
SCC is left in the system and is not deleted. If another project is then created
with the same name as the original project the exisitng privileged SCC will be 
applied to it.
Comment 1 Paul Weil 2015-09-10 18:16:19 UTC 
This is operating as expected.  It is up to the administrator to manage the SCC.  They may choose to make entries in the SCC for users, groups, or service accounts that may or may not exist at the time.  Cleaning unknown references would prevent that workflow.

Currently, administrators may also exercise more control over this by not allowing project administrators to delete projects.

Created a card to add an optional finalizer as an enhancement: https://trello.com/c/KicH8TSC/513-scc-optional-finalizer
Comment 2 Adam Mariš 2015-09-14 08:30:14 UTC 
CVE was rejected.
Note You need to log in before you can comment on or make changes to this bug.