Roberto Scolaro

icon company @draios icon location infosec enthusiast, ctf player @ ulisse, SWE @ sysdig

Results 48 comments of Roberto Scolaro

"BPF doesn't have JIT enabled" reported incorrectly when using docker

A way to solve this issue is to use the `--net=host` flag but this is a terrible idea from a security standpoint: by giving the container access to the host...

"BPF doesn't have JIT enabled" reported incorrectly when using docker

After some more digging I discovered that it's possible to check if the jit is enabled using `bpftool` or writing a small program that essentially does the same of bpftool....

"BPF doesn't have JIT enabled" reported incorrectly when using docker

I think It is a better solution to maintain the image as minimal as possible but if there is no other solution it's ok. I'll take another look to check...

build: syncing the repo metadata even when an RPM or DEB package is deleted afterword

/remove-lifecycle stale

build: syncing the repo metadata even when an RPM or DEB package is deleted afterword

Yeap! Absolutely! 😄

[Proposal] Chisels removal from libs

/assign

Umbrella: Adding support for new field types in plugins

You are right! I already started to work on it and implemented some basic types! 😄

Umbrella: Adding support for new field types in plugins

/assign

`K8s-Role.Clusterrolebinding-Created` is not triggered

Are you referring to this action https://github.com/falcosecurity/event-generator/blob/c70bca02787ba330ebe322737f25567d997ab87c/events/k8saudit/yaml/k8s-serviceaccount-created.yaml#L34? In that case I don't see any ref at a ClusterRole 🤔 @leogr

`K8s-Role.Clusterrolebinding-Created` is not triggered

/remove-lifecycle stale