LinkedIn and 3rd parties use essential and non-essential cookies to provide, secure, analyze and improve our Services, and to show you relevant ads (including professional and job ads) on and off LinkedIn. Learn more in our Cookie Policy.

Select Accept to consent or Reject to decline non-essential cookies for this use. You can update your choices at any time in your settings.

Start free trial Sign in

From the course: Certified Kubernetes Security Specialist (CKS) Cert Prep

Unlock this course with a free trial

Join today to access over 24,700 courses taught by industry experts.

Controlling file access and user logging

Controlling file access and user logging - Kubernetes Tutorial

From the course: Certified Kubernetes Security Specialist (CKS) Cert Prep

Start my 1-month free trial Buy for my team

Controlling file access and user logging

“

- So that covers a lot of the configuration options we have on the user side. So we set up users, we set up groups, we've limited access to various things and set restrictions for certain commands. Now the next thing we want to do is to be able to reduce and enforce certain ownership of files and directories. Now we know for a fact that there are certain files and directories that could be absolutely detrimental to us when it comes to managing Kubernetes, and that's where the change mod comes into play. So the change mod command is going to allow us to be able to set the privileges for a particular file. So the admin.com very important file, we want to lock that thing down. So change mod 600 means that we are going to allow for read and write for the particular owner of that file only. So they're not going to be able to do any other things to that, but they can read the file and they can write it. So that will allow us to be able to lock that down. So the next thing we're going to…

Contents