Microk8s is creating world writeable, no sticky bit folders

Working on a new Microk8s testing / deployment and ran into an issue once we health checked the server installation after the Microk8s installation.

Apparently Microk8s creates pods / volumes directories that are world writeable but do not have the sticky bit enabled. Our Linux OS support team is flagging this as an issue since any user would be able to delete/rename the files without being the owner.

As an example of the failed healthcheck on the file permission:
FAIL: /var/snap/microk8s/common/var/lib/kubelet/pods/f013b5e6-2cd2-4245-abdc-7aa4adff2fbe/volumes/kubernetes.io~empty-dir/tmp: world writeable, no sticky bit

Is there a way to fix this? E.g. could Microk8s also enable the sticky bit? Or is there a directory permission override to do it, so that when we spin up different pods we don't see this issue any more?

Current Version Info:

kubectl version
Client Version: version.Info{Major:"1", Minor:"20+", GitVersion:"v1.20.10-34+3c9720652e8d58", GitCommit:"3c9720652e8d58d39bcc32257973ef6dbf7e0257", GitTreeState:"clean", BuildDate:"2021-08-12T15:03:11Z", GoVersion:"go1.15.14", Compiler:"gc", Platform:"linux/amd64"}
Server Version: version.Info{Major:"1", Minor:"20+", GitVersion:"v1.20.10-34+3c9720652e8d58", GitCommit:"3c9720652e8d58d39bcc32257973ef6dbf7e0257", GitTreeState:"clean", BuildDate:"2021-08-12T15:05:30Z", GoVersion:"go1.15.14", Compiler:"gc", Platform:"linux/amd64"}

Thank you in advance …

You may be referring to this

I think this is a default behavior of kubernetes.

Yes, seems so… I'll post on the GitHub issue directly. Thank you

Changing filesystem permissions to enable the Linux sticky bit on the directory might solve this audit issue.
Something like chmod +1777 instead of 777 would help.
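
An added example (not from the thread or from the MicroK8s project): a shell sketch that reproduces the health check's condition, world-writable directories without the sticky bit, and optionally sets the bit on the directories it finds. The function names and the PODS_ROOT variable are assumptions made for illustration; the default path is taken from the FAIL line in the first post.

```shell
#!/bin/sh
# Added example: audit (and optionally remediate) world-writable directories
# that lack the sticky bit, the condition reported by the health check.
# Function names and PODS_ROOT are hypothetical, chosen for this example.

# Default root: the kubelet pods path seen in the FAIL line of the first post.
PODS_ROOT="${PODS_ROOT:-/var/snap/microk8s/common/var/lib/kubelet/pods}"

# list_ww_nosticky ROOT
# Print each directory under ROOT with o+w (0002) set and sticky (1000) clear.
list_ww_nosticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# audit_ww_nosticky ROOT
# Print one FAIL line per offending directory; return 1 if any were found.
audit_ww_nosticky() {
    hits=$(list_ww_nosticky "$1")
    if [ -z "$hits" ]; then
        return 0
    fi
    printf '%s\n' "$hits" |
        sed 's/^/FAIL: /; s/$/: world writeable, no sticky bit/'
    return 1
}

# fix_ww_nosticky ROOT
# Add only the sticky bit (chmod +t) to offending directories; all other
# mode bits are left as they were, so 0777 becomes 1777.
fix_ww_nosticky() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -exec chmod +t {} +
}

# Stand-alone use: "--audit" reports, "--fix" remediates (needs root on the
# real path). With no argument the script only defines the functions.
case "${1:-}" in
    --audit) audit_ww_nosticky "$PODS_ROOT" ;;
    --fix)   fix_ww_nosticky "$PODS_ROOT" ;;
esac
```

chmod only changes directories that already exist, so directories created for pods started later are not covered and the audit has to be rerun after new pods are scheduled.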