June 2023

Golan Myers
12 Jun 2023

Executing Arbitrary Code & Executables in Read-Only FileSystems

This article explores methods of executing arbitrary code in read-only Kubernetes pod file systems. Three techniques are demonstrated for bypassing read-only filesystem restrictions, including using in-memory execution, exploiting /dev/shm, and leveraging dynamic program loaders. The research highlights the complexity of container security and the need for multi-layered defense strategies.