惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

美团技术团队
D
DataBreaches.Net
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
D
Docker
N
Netflix TechBlog - Medium
Cyber Security Advisories - MS-ISAC
Cyber Security Advisories - MS-ISAC
C
Check Point Blog
腾讯CDC
Stack Overflow Blog
Stack Overflow Blog
V
Visual Studio Blog
IT之家
IT之家
月光博客
月光博客
U
Unit 42
K
Kaspersky official blog
T
Threatpost
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
GbyAI
GbyAI
P
Proofpoint News Feed
Last Week in AI
Last Week in AI
云风的 BLOG
云风的 BLOG
酷 壳 – CoolShell
酷 壳 – CoolShell
I
InfoQ
Engineering at Meta
Engineering at Meta
Recorded Future
Recorded Future
Exploit-DB.com RSS Feed
Exploit-DB.com RSS Feed
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
S
Security @ Cisco Blogs
MyScale Blog
MyScale Blog
大猫的无限游戏
大猫的无限游戏
Security Archives - TechRepublic
Security Archives - TechRepublic
Webroot Blog
Webroot Blog
cs.CV updates on arXiv.org
cs.CV updates on arXiv.org
Hacker News - Newest:
Hacker News - Newest: "LLM"
S
Schneier on Security
S
Secure Thoughts
The Register - Security
The Register - Security
B
Blog RSS Feed
The Last Watchdog
The Last Watchdog
P
Palo Alto Networks Blog
爱范儿
爱范儿
B
Blog
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
N
News and Events Feed by Topic
阮一峰的网络日志
阮一峰的网络日志
L
LINUX DO - 热门话题
C
Cisco Blogs
Spread Privacy
Spread Privacy
F
Full Disclosure
博客园 - 聂微东
T
The Blog of Author Tim Ferriss

Cloud Native Computing Foundation

Kepler, re-architected: Improved power accuracy and a community call to action! Dragonfly v2.5.0 is released OTel and mesh-derived metrics: A 2026 reference etcd-operator joins Cozystack with a new v1alpha2 API Securing CI/CD for an open source project, part 3: Credentials, verification, and what’s next Building a Cluster-Aware AI Agent with Kubernetes, Argo CD, and GitOps From Awareness to Engineered Accessibility in Open Source Agent Auth: A lawyer’s day in court Building Jaeger’s ClickHouse backend: 8.6× compression on 10 million spans Telemetry that matters: Designing sustainable, high-impact observability pipelines KubeCon + CloudNativeCon, OpenInfra Summit and PyTorch Conference Unite in China to Scale AI Flipkart Wins CNCF End User Case Study Contest for Kubernetes and Chaos Engineering Scale Expanding CARE: Passing CKS can now extend your CKA certification CNCF and Linux Foundation Education Partner with Udemy to Provide a Unified Cloud Native Training & Certification Opportunity CNCF and SlashData Report Confirms India as One of the Largest Cloud Native Communities with 2.25 Million Developers CNCF Welcomes New Silver Members as Global Demand for Cloud Native Infrastructure Grows Why cloud native belongs at the heart of agentic AI: Lessons from building a multi-agent security platform on Kubernetes Client Challenge Client Challenge Client Challenge Client Challenge Client Challenge Client Challenge Client Challenge Client Challenge Client Challenge Client Challenge Client Challenge Client Challenge Client Challenge Building a cloud native internal developer platform with Kubernetes, GitOps, and supply chain security The Kubernetes integration tax: Prometheus, Cilium and production reality GPU autoscaling on Kubernetes with KEDA: Building an external scaler Three TAG leads walk into the TOC How Jaeger is evolving to trace AI agents with OpenTelemetry Why Kubernetes policy enforcement happens too late—and what to do about it Zero-Downtime migration from ingress NGINX to Envoy Gateway Client Challenge Client Challenge Client Challenge
Security Profiles Operator v1: Stable APIs, Security Hardened, and Shaping Upstream Kubernetes
audra · 2026-06-26 · via Cloud Native Computing Foundation

Posted on June 26, 2026 by Sascha Grunert (Red Hat)

CNCF projects highlighted in this post

Kubernetes logo

Linux provides powerful kernel-level security mechanisms, seccomp, SELinux, and AppArmor, that restrict what containerized workloads can do. Each uses profiles that define permitted behavior, but writing, distributing, and maintaining those profiles by hand is tedious and error-prone. The Security Profiles Operator (SPO) solves this by letting you manage security profiles as Kubernetes custom resources, record profiles from live workloads, and bind them to pods declaratively.

With v1.0.0, the Security Profiles Operator graduates all eight of its Custom Resource Definition (CRD) APIs to v1. This is the project’s first stable release, backed by a third-party security audit, a full cycle of hardening work, and a zero-downtime migration path from every previous API version.

Six years of API evolution

SPO started in April 2020 as a seccomp-only operator. Over the following years, the project grew to cover SELinux (late 2020), AppArmor (late 2021), profile recording via audit logs and eBPF, OCI-based profile distribution, and more. Each feature introduced new CRDs, and those CRDs stayed at alpha or beta while the APIs matured through real-world use.

Some of these APIs have been stable in practice for years: SeccompProfile shipped at v1beta1 for over four years, SPOD at v1alpha1 for over five. Downstream consumers needed a stable version label to commit to long-term support. The SPO has been available on OperatorHub since 2022 and has shipped as part of Red Hat OpenShift since version 4.12. The window before v1 was the last chance to make breaking changes, and the team used it.

The cleanup involved many pull requests:

  • Structural changes. All CRDs now share a common status type based on upstream Kubernetes conditions. The SPOD spec was reorganized from a flat list of 30+ fields into logical groups (SELinux, Enricher, Webhook, Scheduling, Security). Shared base types were extracted to avoid duplication across CRDs.
  • Type corrections. Several field types were updated to follow Kubernetes API conventions, including replacing unsigned with signed integers. External types that created unnecessary import dependencies were internalized.
  • Convention alignment. Enum values moved to PascalCase (e.g., logs to Logs, RUNNING to Running). Every field received +optional or +required markers. Validation markers were added across all types.

The one deliberate exception: seccomp’s SCMP_ACT_* and SCMP_CMP_* constants keep their uppercase names to match the OCI runtime spec and Linux kernel headers verbatim.

Security audit and hardening

Before graduating to v1, SPO underwent a security code audit. The audit found zero critical vulnerabilities. It confirmed that file paths written to the host are derived from object metadata (not from user-controlled spec fields), that commands are constructed as argument arrays (no shell injection surface), and that RBAC defaults do not grant unnecessary privileges to non-admin users.

The audit identified areas for hardening, especially around the boundary where a tenant’s custom resource gets translated into kernel-level LSM state. The v1.0.0 release addresses these findings:

RawSelinuxProfile: gating and validation. RawSelinuxProfile lets users write arbitrary SELinux CIL policy, which the operator installs on the node. The audit flagged this as the highest-risk path. In v1.0.0, a new enableRawSelinuxProfiles field on the SPOD configuration lets cluster admins disable raw SELinux profile support entirely. A validating admission webhook now rejects invalid raw policies instead of letting them fail at reconciliation.

SelinuxProfile: permissive mode control. The permissive boolean on SelinuxProfile was replaced with a mode enum (Enforcing or Permissive), removing the risk that an unset field could accidentally enable permissive mode.

AppArmor input sanitization. AppArmor profiles accept template inputs for profile names, executable paths, and capabilities. The audit noted that these inputs were loaded without content validation. SPO now applies strict regex validation on all of them and prevents overwriting profiles that are already loaded in the kernel.

Field size limits and validation markers. RawSelinuxProfile.spec.policy now carries a maxLength of 500 KB, limiting the input size before it reaches the SELinux CIL compiler on the node. Validation markers were added across all CRD types.

Additional hardening beyond the audit scope

  • Regex backtracking: Greedy regex operators in the seccomp, SELinux, and AppArmor log parsers were replaced with bounded patterns to prevent crafted audit log lines from causing excessive backtracking.
  • Path restriction: HostProcVolumePath is now validated to match /proc only. The seccomp ListenerPath is restricted to the operator’s socket directory.
  • eBPF recorder resource limits: The eBPF-based profile recorder now caps the number of recorded files and maximum path length, preventing OOM on workloads with high filesystem activity.
  • Process cache accuracy: The process cache now keys on PID plus process start time, preventing stale cache hits after PID reuse.
  • Recording annotation handling: The recording webhook correctly overwrites existing annotations instead of silently skipping already-annotated pods.
  • Metrics cardinality: Unbounded labels were dropped from Prometheus counters to prevent high-cardinality metrics.

Zero-downtime migration

Upgrading to v1.0.0 requires no manual migration steps. Conversion webhooks handle translation between old and new API versions transparently:

  • Old manifests still work: You can continue applying resources using v1alpha1, v1alpha2, or v1beta1 API versions. The conversion webhook translates them to v1 before storage.
  • Old API versions are still served: kubectl get with an old API version returns resources with old-style enum values, even though v1 is the storage version.
  • Enum values map bidirectionally: The conversion layer translates between old-style (logs, RUNNING) and new-style (Logs, Running) enum values in both directions.

Here’s how a ProfileRecording looks before and after:

# Before (v1alpha1)
apiVersion: security-profiles-operator.x-k8s.io/v1alpha1
kind: ProfileRecording
metadata:
  name: my-recording
spec:
  kind: SeccompProfile
  recorder: logs
  mergeStrategy: none
  podSelector:
    matchLabels:
      app: my-app


# After (v1)
apiVersion: security-profiles-operator.x-k8s.io/v1
kind: ProfileRecording
metadata:
  name: my-recording
spec:
  kind: SeccompProfile
  recorder: Logs
  mergeStrategy: None
  podSelector:
    matchLabels:
      app: my-app

For CRDs without enum changes, only the apiVersion line changes. A full migration guide covers Go API consumer updates, enum constant changes, and scheme registration. Old API versions will remain available for backward compatibility and will be removed in a future release.

From operator to upstream Kubernetes

SPO has always been closely connected to upstream security profile work in Kubernetes. The project builds on the seccomp GA API surface (Kubernetes 1.19) and grew alongside related proposals like ConfigMap-based seccomp profiles and built-in seccomp profiles with complain mode.

The latest example of this connection is KEP 6061: OCI Artifact-Based Security Profile Distribution, proposed for an upcoming Kubernetes release as alpha. SPO pioneered OCI-based profile distribution years ago, allowing users to push seccomp, SELinux, and AppArmor profiles to OCI registries and reference them directly from pod specs. KEP 6061 brings this concept into the kubelet natively, adding a PullSecurityProfileArtifact CRI API call so container runtimes can fetch profiles from OCI registries on demand.

The KEP follows the same trust model as localhost profiles: a deny-by-default allowlist at the kubelet, with Pod Security Admission treating OCI profiles like localhost. SPO will continue to provide the higher-level features that the kubelet does not cover: profile recording from live workloads, structured SELinux policy authoring, profile binding to container images, and audit log enrichment.

What’s next

Now that v1 has shipped, the project’s priorities are:

  • Removing old API versions after at least one release cycle.
  • Continued hardening, including tighter RBAC scoping and safer path operations in privileged components.
  • KEP 6061 integration, connecting SPO’s OCI distribution features with the native kubelet support as it matures through alpha and beta.

Try v1.0.0, read the migration guide, and join the conversation in #security-profiles-operator on Kubernetes Slack.

SPO is built by over 70 contributors across multiple organizations. Thanks to everyone who contributed code, filed issues, tested pre-releases, and participated in the security audit. v1 is yours as much as ours.