Skip to content

Security(M-04): optional NFS client-installer DaemonSet mutates every node with host privileges #172

Description

@dcmcand

Summary

The optional NFS client installer creates a DaemonSet that mutates every node. It uses hostPID, hostNetwork, all-node tolerations, and a privileged init container that nsenters into PID 1 to run apt-get install nfs-common, from mutable base image tags. This is a node-administration mechanism shipped inside an application chart. It is off by default.

Severity: Medium · CWE-250 (Execution with Unnecessary Privileges)
Validation: Confirmed against HEAD f932d80 on 2026-07-14 (assessed at 69c84f7; unchanged since).

Evidence

  • Opt-in / disabled by default: values.yaml:203 installClient: false; templates/nfs-client-installer.yaml:1 requires sharedStorage.nfsServer.installClient (on top of sharedStorage + nfsServer) to render.
  • DaemonSet spec: templates/nfs-client-installer.yaml:7 (kind DaemonSet), :23 hostPID: true, :24 hostNetwork: true, :25-26 all-node toleration (operator: Exists).
  • Privileged host mutation: nfs-client-installer.yaml:28-47 runs nsenter -t 1 -- bash -c 'apt-get update && apt-get install -y nfs-common' with securityContext: {privileged: true}.
  • Mutable tags: ubuntu:22.04 (:29) and alpine:3 (:50), no digests.

Impact

Compromise of the image, the package mirror, or the DaemonSet spec can execute arbitrary host commands across every node and persist changes outside Kubernetes rollback. The blast radius is the node fleet, not a single application pod.

Remediation

  • Provision prerequisites in node images or infrastructure automation.
  • If retained as an emergency tool, separate it from the application chart, pin images and packages, restrict nodes, require manual approval, record mutations, and remove it immediately after verification.

Acceptance criteria

  • Production chart installation cannot create a hostPID/hostNetwork privileged DaemonSet.

Related

Source: data-science-pack 0.1.0 security assessment (pinned commit 69c84f72df259ec755ed40bfc83f20158c550d55), finding M-04.

Metadata

Metadata

Assignees

No one assigned

    Labels

    area: securitySecurity findings and hardening workpriority: medium ⚡Medium priority - standard queue

    Type

    No type

    Fields

    Priority

    None yet

    Start date

    None yet

    Target date

    None yet

    Size

    None yet

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions