Security

Threat Model

Initium runs as an initContainer in Kubernetes pods. Its threat model considers:

Trusted

  • The cluster operator who configures the pod spec and Initium arguments
  • The container registry serving the Initium image (verified via image signatures/SBOM)

Untrusted

  • Network endpoints that Initium connects to (may be malicious or compromised)
  • Environment variables that may contain secrets (must not be leaked)
  • File paths provided by users (may attempt path traversal)

Attack Vectors Addressed

| Vector | Mitigation |
|---|---|
| Path traversal | All file writes constrained to --workdir; absolute paths rejected; .. sequences resolved and validated |
| Secret leakage via logs | Automatic redaction of keys matching token, password, secret, auth, api_key, authorization |
| Privilege escalation | Container runs as UID 65534 (nobody); allowPrivilegeEscalation: false; all capabilities dropped |
| Filesystem tampering | readOnlyRootFilesystem: true; writes only to mounted emptyDir volumes |
| Unintended network access | All target URLs must be explicitly provided via flags; no default outbound connections |
| TLS downgrade | TLS verification enabled by default; --insecure-tls requires explicit opt-in |
| Shell injection | Commands executed via execve (no shell); -- separator for command arguments |
| Supply chain | Minimal scratch base image; SBOM and provenance attestation in CI; pinned dependencies |
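
The path traversal row above describes three rules: confine to the workdir, reject absolute paths, and resolve `..` before validating. The sketch below is an added example, not Initium's own code; the `confine` helper is hypothetical, the inputs are constructed, and the check is purely lexical (symlinks are not resolved).

```rust
use std::ffi::OsStr;
use std::path::{Component, Path, PathBuf};

/// Hypothetical helper: map `user_path` to a location under `workdir`
/// without touching the filesystem. Absolute paths are rejected, and `..`
/// is resolved segment by segment so that `a/../b` is accepted while
/// `a/../../b` (which climbs above the workdir) is not.
fn confine(workdir: &Path, user_path: &str) -> Result<PathBuf, String> {
    let mut parts: Vec<&OsStr> = Vec::new();
    for comp in Path::new(user_path).components() {
        match comp {
            // Leading `/` (or a Windows drive prefix): reject outright.
            Component::RootDir | Component::Prefix(_) => {
                return Err(format!("absolute path rejected: {}", user_path));
            }
            // `.` changes nothing.
            Component::CurDir => {}
            // `..` cancels the previous segment; with none left, the path
            // would resolve to a location outside the workdir.
            Component::ParentDir => {
                if parts.pop().is_none() {
                    return Err(format!("path escapes workdir: {}", user_path));
                }
            }
            Component::Normal(seg) => parts.push(seg),
        }
    }
    if parts.is_empty() {
        return Err(format!("path names no file: {}", user_path));
    }
    let mut out = workdir.to_path_buf();
    out.extend(parts);
    Ok(out)
}

fn main() {
    let workdir = Path::new("/work"); // default write root listed under Safe Defaults
    // Constructed sample inputs covering each rule.
    let samples = ["config/app.yaml", "a/../b.txt", "../etc/passwd", "a/../../x", "/etc/passwd"];
    for p in samples {
        match confine(workdir, p) {
            Ok(resolved) => println!("accept {} -> {}", p, resolved.display()),
            Err(reason) => println!("reject {}", reason),
        }
    }
}
```

A lexical check like this does not stop a symlink that already exists inside the workdir from pointing elsewhere; writing only to a fresh emptyDir, as the filesystem tampering row describes, limits that exposure.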

Safe Defaults

Initium ships with conservative defaults:

  • Timeout: 5s per individual request, 5m overall
  • Max retries: 60 with exponential backoff (capped at 30s)
  • TLS: Certificate verification enabled
  • File writes: Constrained to /work
  • Logging: Secrets redacted; JSON output optional
  • Execution: No shell; direct process execution

Running with Restricted Pod Security

Pod Security Admission (PSA) — restricted profile

Initium is fully compatible with the Kubernetes restricted Pod Security Standard:

apiVersion: v1
kind: Namespace
metadata:
  name: my-namespace
  labels:
    pod-security.kubernetes.io/enforce: restricted
    pod-security.kubernetes.io/audit: restricted
    pod-security.kubernetes.io/warn: restricted

The following securityContext satisfies the restricted profile:

securityContext:
  runAsNonRoot: true
  runAsUser: 65534
  runAsGroup: 65534
  readOnlyRootFilesystem: true
  allowPrivilegeEscalation: false
  seccompProfile:
    type: RuntimeDefault
  capabilities:
    drop:
      - ALL

Pod Security Policies (PSP) — deprecated

If your cluster still uses PSPs, the same security context fields apply. Initium requires no special privileges.

Image Verification

Release images include SBOM and provenance attestations generated by GitHub Actions with id-token: write permissions:

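# Verify provenance (requires cosign)
# Note: cosign 2.x keyless verification also requires --certificate-identity
# (or --certificate-identity-regexp) and --certificate-oidc-issuer.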
cosign verify-attestation \
  --type https://slsa.dev/provenance/v0.2 \
  ghcr.io/kitstream/initium:latest

# View SBOM
docker buildx imagetools inspect ghcr.io/kitstream/initium:latest --format '{{json .SBOM}}'