Home > Kubernetes > Deployment > Container is running with writable root filesystem
low severity

Container is running with writable root filesystem (SNYK-CC-K8S-8)

Issue

`readOnlyRootFilesystem` attribute is not set to `true`

Impact

Compromised process could abuse writable root filesystem to elevate privileges

Resolve

Kubernetes
Set `securityContext.readOnlyRootFilesystem` to `true`
Terraform
Set `security_context.read_only_root_filesystem` to `true`

References