Shazad Brohi shazadbrohi
shazadbrohi
/ channel.go
Last active
February 13, 2021 01:56
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ("fmt" | |
| "net/http" | |
| "log" | |
| "io/ioutil" | |
| "io" | |
| "sync" | |
| "os" | |
| ) |
shazadbrohi
/ httpserver.go
Created
February 3, 2021 01:46
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ("fmt" | |
| "net/http" | |
| ) | |
| func main(){ | |
| rootHttpHandler := func(writer http.ResponseWriter, request *http.Request) { | |
| fmt.Fprintf(writer, "Request Method: %s\n", request.Method) | |
| fmt.Fprintf(writer, "Request Method: %q\n", request.URL) |
shazadbrohi
/ output.sh
Created
January 30, 2021 22:38
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ./ls | |
| Reading contents of current directory: | |
| Name: ls, Size: 2190488, Last Modified Time: 2021-01-30 16:36:15.436720922 -0600 CST | |
| Name: ls.go, Size: 334, Last Modified Time: 2021-01-30 16:34:42.99726847 -0600 CST |
shazadbrohi
/ run.sh
Created
January 30, 2021 22:37
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ ./ls |
shazadbrohi
/ compile.sh
Last active
January 30, 2021 23:06
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| $ go build ls.go |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package main | |
| import ( | |
| "fmt" | |
| "io/ioutil" | |
| ) | |
| func main(){ | |
| fmt.Println("Reading contents of current directory: ") | |
| files, err := ioutil.ReadDir(".") |
shazadbrohi
/ workload-specific-binding.yaml
Last active
November 2, 2020 23:41
Grants permission to a specific workload to use the privileged pod security policy.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: RoleBinding | |
| metadata: | |
| name: <role-binding-name> | |
| namespace: <your-namespace> | |
| roleRef: | |
| apiGroup: rbac.authorization.k8s.io | |
| kind: ClusterRole | |
| name: privileged-cluster-role | |
| subjects: |
shazadbrohi
/ namespaced-privileged-access.yaml
Created
November 2, 2020 23:20
Grants all service accounts in a specific namespace permission to use the privileged pod security policy.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: RoleBinding | |
| metadata: | |
| name: <name>-role-binding | |
| namespace: <your-namespace> | |
| roleRef: | |
| apiGroup: rbac.authorization.k8s.io | |
| kind: ClusterRole | |
| name: privileged-cluster-role | |
| subjects: |
shazadbrohi
/ privileged-cluster-role.yaml
Created
November 2, 2020 23:14
A cluster role which authorizes use of the privileged-psp.
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: rbac.authorization.k8s.io/v1 | |
| kind: ClusterRole | |
| metadata: | |
| name: privileged-cluster-role | |
| rules: | |
| - apiGroups: | |
| - policy | |
| resourceNames: | |
| - privileged-psp | |
| resources: |
shazadbrohi
/ privileged-psp.yaml
Created
November 2, 2020 23:07
A privileged pod security policy resource
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| apiVersion: policy/v1beta1 | |
| kind: PodSecurityPolicy | |
| metadata: | |
| name: privileged-psp | |
| spec: | |
| allowPrivilegeEscalation: true | |
| allowedCapabilities: | |
| - '*' | |
| fsGroup: | |
| rule: RunAsAny |