2021/11/04 CloudNative Days Tokyo 2021 17:20-18:00 Track F 乗っ取れコンテナ!! 〜開発者から見たコンテナセキュリティの考え方〜
セッション動画 https://event.cloudnativedays.jp/cndt2021/talks/1187
5SBDL'!NPDIJ[VLJͬऔΕίϯςφʂʂʙ։ൃऀ͔ΒݟͨίϯςφηΩϡϦςΟͷߟ͑ํʙ
View Slide
!NPDIJ[VLJ/BNFɹ,FJUB.PDIJ[VLJʢNPDIJ[VLJʣ3PMFɹ$MPVE&OHJOFFSXIPBNJ
XIPBNJͨ͵͖Ͱͳ͖ͭ͘ͶͰ͢ɻ!NPDIJ[VLJ/BNFɹ,FJUB.PDIJ[VLJʢNPDIJ[VLJʣ3PMFɹ$MPVE&OHJOFFS
ຖि༵ۚdʹ,VCFSOFUFT$MPVE/BUJWFؔ࿈ͷΛ:PV5VCFੜ৴ʹͯࡶஊܗࣜͰ৴͍ͯ͠·͢ɻએIUUQTLVCFOFXTDPOOQBTTDPN!NPDIJ[VLJ!BOUJCFSJBM!CFMMT@ !JU@@DIBHP!63ZP@
ຖि༵ۚdʹ,VCFSOFUFT$MPVE/BUJWFؔ࿈ͷΛ:PV5VCFੜ৴ʹͯࡶஊܗࣜͰ৴͍ͯ͠·͢ɻએIUUQTLVCFOFXTDPOOQBTTDPN!NPDIJ[VLJ!BOUJCFSJBM!CFMMT@ !JU@@DIBHP!63ZP@ҰॹʹϫΠϫΠ͠·͠ΐ͏😆ήετग़ԋઈࢍืूதͰ͢ʂʂ˞ήετग़ԋ͚ΔํҎԼϝϯόʔͷ5XJUUFS%.·Ͱ͝࿈བྷ͚Εͱࢥ͍·͢
ຊηογϣϯͷλʔήοτɹίϯςφΛར༻͢Δ։ൃऀɹίϯςφͷηΩϡϦςΟΛ͜Ε·Ͱ͋·Γҙࣝͯ͠དྷͳ͔ͬͨਓझࢫɹᶃίϯςφΛར༻͢Δ্ͰͷηΩϡϦςΟϦεΫΛ࣮ײ͢ΔɹɹɹҰൠతʹʮʓʓͩͱةͳ͍ʯͱޠΒΕΔηΩϡϦςΟϦεΫʹ͍ͭͯ߈ܸࣄྫΛ༻͍ͯ۩ମతʹཧղ͢ΔɹᶄηΩϡϦςΟϦεΫରࡦͷߟ͑ํΛମܥతʹཧղ͢ΔɹɹηΩϡϦςΟϦεΫͷ۩ମతͳཧղΛ౿·͑ɺͲ͏͍͏ߟ͑ํɾํ๏ͰͦΕΒʹରॲ͖͔͢Λཧղ͢Δ͞ͳ͍͜ͱɹࠓճҎԼʹ͍ͭͯઆ໌ͷର֎͠·͢ɻɹɹɾίϯςφج൫ཧऀઢͰͷηΩϡϦςΟͷߟ͑ํɹɹɾΞϓϦέʔγϣϯϨΠϠʹ͓͚ΔηΩϡϦςΟͷߟ͑ํɹɹɾηΩϡϦςΟϦεΫରࡦख๏ͷཏతͳઆ໌ɹɹɾ֤छπʔϧͷৄࡉͳઆ໌͡Ίʹ
ɾຊൃදαΠόʔ߈ܸΛߠఆ͢ΔͷͰ͋Γ·ͤΜɾൃදͰ༻͍Δίϯςφͱ͍͏ݴ༿جຊతʹSVODͰ࣮ߦ͞ΕΔίϯςφΛࢦ͠·͢ɾܝࡌ༰ݸਓͷݟղͰ͋Γɺॴଐ͢Δاۀ৫ͷཱɺઓུɺҙݟΛද͢ΔͷͰɹ͋Γ·ͤΜɾهࡌ͞Ε͍ͯΔձ໊ࣾɺ໊ɺ·ͨαʔϏε໊ɺ֤ࣾͷඪొ·ͨඪͰ͢͡Ίʹ
ίϯςφηΩϡϦςΟͷશମ૾ͱείʔϓίϯςφͷ߈ܸࣄྫɹ֓ཁɹίϯςφΛͬऔΔɹίϯςφϗετΛͬऔΔɹ߈ܸͷ·ͱΊίϯςφηΩϡϦςΟͷߟ͑ํɹ֓ཁɹΠϝʔδϨΠϠίϯςφϨΠϠ·ͱΊ"HFOEB
ϗετ04ͷϦεΫɾେ͖ͳΞλοΫαʔϑΣεɾڞ༗Χʔωϧɾϗετ04ίϯポʔωϯτͷ੬ऑੑɾෆదͳϢʔザΞΫηεݖɾϗετ04ϑΝΠϧγεςϜͷվざΜΦʔέετϨʔλʔͷϦεΫɾ੍ݶͷͳ͍ཧऀΞΫηεɾෆਖ਼ΞΫηεɾίϯςφؒωοτϫʔΫτϥϑΟοΫͷෆेͳɾϫʔΫϩʔドͷػඍੑϨベϧͷࠞ߹ɾΦʔέετϨʔλϊʔドͷ৴པϨδετϦͷϦεΫɾϨジετϦͷηΩϡΞでͳ͍ଓɾϨジετϦͷݹ͍ΠϝʔジɾೝূɾೝՄͷෆेͳ੍ݶίϯςφͷϦεΫɾϥϯλΠϜιϑτΣΞͷ੬ऑੑɾίϯςφ͔Βͷແ੍ݶͷωοτϫʔΫΞΫηεɾηΩϡΞでͳ͍ίϯςφϥϯλΠϜͷઃఆɾΞプϦͷ੬ऑੑɾະঝೝίϯςφΠϝʔδͷϦεΫɾΠϝʔジͷ੬ऑੑɾΠϝʔジͷઃఆͷෆඋɾຒΊࠐ·ΕͨϚϧΣΞɾຒΊࠐ·Εͨฏจͷൿີใɾ৴པで͖ͳ͍Πϝʔジͷ༻ίϯςφηΩϡϦςΟͷϓϥΫςΟεͷදతྫͱͯ͠ɺ/*4541ΞϓϦέʔγϣϯίϯςφηΩϡϦςΟΨΠυ͕͋Γ·͢ɻຊϓϥΫςΟεʹΑΔͱίϯςφηΩϡϦςΟͱͯ͠ѻ͏͖είʔϓҎԼͷΑ͏ʹఆٛ͞Ε͍ͯ·͢ɻ/*4541ΞϓϦέʔγϣϯίϯςφηΩϡϦςΟΨΠυʢ*1"ຊޠ༁൛ʣIUUQTXXXJQBHPKQfiMFTQEGίϯςφηΩϡϦςΟͷશମ૾ͱείʔϓ
ϗετ04ͷϦεΫɾେ͖ͳΞλοΫαʔϑΣεɾڞ༗Χʔωϧɾϗετ04ίϯポʔωϯτͷ੬ऑੑɾෆదͳϢʔザΞΫηεݖɾϗετ04ϑΝΠϧγεςϜͷվざΜΦʔέετϨʔλʔͷϦεΫɾ੍ݶͷͳ͍ཧऀΞΫηεɾෆਖ਼ΞΫηεɾίϯςφؒωοτϫʔΫτϥϑΟοΫͷෆेͳɾϫʔΫϩʔドͷػඍੑϨベϧͷࠞ߹ɾΦʔέετϨʔλϊʔドͷ৴པϨδετϦͷϦεΫɾϨジετϦͷηΩϡΞでͳ͍ଓɾϨジετϦͷݹ͍ΠϝʔジɾೝূɾೝՄͷෆेͳ੍ݶίϯςφͷϦεΫɾϥϯλΠϜιϑτΣΞͷ੬ऑੑɾίϯςφ͔Βͷແ੍ݶͷωοτϫʔΫΞΫηεɾηΩϡΞでͳ͍ίϯςφϥϯλΠϜͷઃఆɾΞプϦͷ੬ऑੑɾະঝೝίϯςφΠϝʔδͷϦεΫɾΠϝʔジͷ੬ऑੑɾΠϝʔジͷઃఆͷෆඋɾຒΊࠐ·ΕͨϚϧΣΞɾຒΊࠐ·Εͨฏจͷൿີใɾ৴པで͖ͳ͍Πϝʔジͷ༻ίϯςφηΩϡϦςΟͷશମ૾ͱείʔϓίϯςφηΩϡϦςΟͷϓϥΫςΟεͷදతྫͱͯ͠ɺ/*4541ΞϓϦέʔγϣϯίϯςφηΩϡϦςΟΨΠυ͕͋Γ·͢ɻຊϓϥΫςΟεʹΑΔͱίϯςφηΩϡϦςΟͱͯ͠ѻ͏͖είʔϓҎԼͷΑ͏ʹఆٛ͞Ε͍ͯ·͢ɻ/*4541ΞϓϦέʔγϣϯίϯςφηΩϡϦςΟΨΠυIUUQTXXXJQBHPKQfiMFTQEGงғؾ͔Δʂʂ͕ɺ۩ମతʹଊ͑ਏ͍ɾɾɾ˞ݸਓͷݟղͰ͢
3FHJTUSZ$MPVE/8)PTU040SDIFTUSBUPS$POUBJOFS3VOUJNF$POUBJOFS$POUBJOFS*NBHF"QQMJDBUJPO%FWFMPQFS"ENJOJTUSBUPSσϓϩΠ͢ΔίϯςφͷηΩϡϦςΟΛߟ͑Δίϯςφج൫ͷηΩϡϦςΟΛߟ͑ΔɾͲͷΑ͏ͳίϯςφΛσϓϩΠ͢Δ͔ɾίϯςφʹͲͷΑ͏ͳઃఆΛߦ͏͔ɾج൫ΛͲͷΑ͏ʹཧ͢Δ͔ɾج൫ʹͲͷΑ͏ͳઃఆΛߦ͏͔ɾج൫ʹͲͷΑ͏ͳ੍ݶΛ͔͚Δ͔ɾج൫ΛͲͷΑ͏ʹࢹ͢Δ͔/*4541ΛϕʔεʹίϯςφηΩϡϦςΟͰѻ͏είʔϓΛ͞ΒʹࡉԽ͢ΔͱɺҎԼͷΑ͏ʹ։ൃऀͱج൫ཧऀͦΕͧΕͰ୲͏͖ϨΠϠʹ͚Δ͜ͱ͕Ͱ͖·͢ɻҰൠతʹ͜ΕΒ֤ϨΠϠͦΕͧΕʹରͯ͠ηΩϡϦςΟରࡦΛߦ͏ଟޚͷߟ͑ํ͕ਪ͞Ε·͢ɻίϯςφηΩϡϦςΟͷશମ૾ͱείʔϓ
3FHJTUSZ$MPVE/8)PTU040SDIFTUSBUPS$POUBJOFS3VOUJNF$POUBJOFS$POUBJOFS*NBHF"QQMJDBUJPO%FWFMPQFS"ENJOJTUSBUPSσϓϩΠ͢ΔίϯςφͷηΩϡϦςΟΛߟ͑Δίϯςφج൫ͷηΩϡϦςΟΛߟ͑ΔɾͲͷΑ͏ͳίϯςφΛσϓϩΠ͢Δ͔ɾίϯςφʹͲͷΑ͏ͳઃఆΛߦ͏͔ɾج൫ΛͲͷΑ͏ʹཧ͢Δ͔ɾج൫ʹͲͷΑ͏ͳઃఆΛߦ͏͔ɾج൫ʹͲͷΑ͏ͳ੍ݶΛ͔͚Δ͔ɾج൫ΛͲͷΑ͏ʹࢹ͢Δ͔ຊηογϣϯͰͦͷதͰ։ൃऀͷϨΠϠʹؔ͢ΔηΩϡϦςΟϦεΫٴͼରࡦͷߟ͑ํΛ۩ମతͳྫʹج͖ͮѻ͍͖͍ͬͯͨͱࢥ͍·͢ɻίϯςφηΩϡϦςΟͷશମ૾ͱείʔϓ˞"QQMJDBUJPOʹ͍ͭͯ։ൃऀͷൣғͰ͋Γ·͕͢ɺࠓճͷझࢫͱҳΕΔͨΊ͜͜Ͱείʔϓ͔Βআ֎͍ͯ͠·͢
3PMF -BZFS /*4541ΠϝʔδͷϦεΫ ίϯςφͷϦεΫ ΦʔέετϨʔλͷϦεΫ ϗετ04ͷϦεΫ ϨδετϦͷϦεΫ%FWFMPQFS "QQMJDBUJPO ΞプϦͷ੬ऑੑ$POUBJOFS*NBHF Πϝʔδͷ੬ऑੑΠϝʔδͷઃఆෆඋຒΊࠐ·ΕͨϚϧΣΞຒΊࠐ·Εͨฏจͷൿີใ৴པͰ͖ͳ͍Πϝʔδͷ༻$POUBJOFS Πϝʔδͷઃఆෆඋ ηΩϡΞでͳ͍ίϯςφϥϯλΠϜͷઃఆ ڞ༗Χʔωϧϗετ04ϑΝΠϧγεςϜͷվざΜ"ENJOJTUSBUPS $POUBJOFS3VOUJNF ϥϯλΠϜιϑτΣΞͷ੬ऑੑ0SDIFTUSBUPS ίϯςφ͔Βͷແ੍ݶͷωοτϫʔΫΞΫηεະঝೝίϯςφ੍ݶͷͳ͍ཧऀΞΫηεෆਖ਼ΞΫηείϯςφؒωοτϫʔΫτϥϑΟοΫͷෆेͳϫʔΫϩʔドͷػඍੑϨベϧͷࠞ߹ΦʔέετϨʔλϊʔドͷ৴པ)PTU04 ڞ༗Χʔωϧϗετ04ϑΝΠϧγεςϜͷվざΜϗετ04ίϯポʔωϯτͷ੬ऑੑେ͖ͳΞλοΫαʔϑΣεෆదͳϢʔザΞΫηεݖ$MPVE/8 େ͖ͳΞλοΫαʔϑΣεෆదͳϢʔザΞΫηεݖ3FHJTUSZ ϨδετϦͷηΩϡΞͰͳ͍ଓϨδετϦͷݹ͍ΠϝʔδೝূɾೝՄͷෆेͳ੍ݶʢࢀߟʣ֤ϨΠϠͷϚοϐϯάίϯςφηΩϡϦςΟͷશମ૾ͱείʔϓ
$MPVE/BUJWF%BZT5PLZPʮ߈ܸ͠ͳ͕Βߟ͑Δ,VCFSOFUFTͷηΩϡϦςΟʯɹࢿྉɹIUUQTTQFBLFSEFDLDPNGVKJJIEBDPOTJEFSJOHLVCFSOFUFTTFDVSJUZXIJMFBUUBDLJOHɹಈըɹIUUQTFWFOUDMPVEOBUJWFEBZTKQDOEUUBMLT$MPVE/BUJWF%BZT0OMJOFʮ͔͜͜Β͡ΊΔ,VCFSOFUFTηΩϡϦςΟʯɹࢿྉɹIUUQTTQFBLFSEFDLDPNUFUTVZBJTPHBJLVCFSOFUFTTFDVSJUZɹಈըɹIUUQTFWFOUDMPVEOBUJWFEBZTKQDOEPUBMLTج൫ཧऀઢͷϦεΫηΩϡϦςΟରࡦʹڵຯ͕͋ΔํɺҎԼͷηογϣϯ͕ࢀߟʹͳΔͱࢥ͍·͢ͷͰ߹Θͤͯ͝ཡ͍ͩ͘͞ɻʢࢀߟʣج൫ཧऀઢͷηΩϡϦςΟίϯςφηΩϡϦςΟͷશମ૾ͱείʔϓ
͔͜͜Β։ൃऀͷϨΠϠΛείʔϓͱͨ͠ηΩϡϦςΟϦεΫΛ࣮ײ͢ΔͨΊɺηΩϡϦςΟϦεΫΛؚΉίϯςφʹର͢Δ߈ܸࣄྫΛղઆ͍͖ͯ͠·͢ɻࠓճͷݕূٴͼղઆҎԼͷڥΛલఏͱ͍ͯ͠·͢ɻڥɹ-JOVY,FSOFMɿHFOFSJDɹ04ɿ6CVOUV-54ɹ,VCFSOFUFTɿWɹ$3*ɿDPOUBJOFSEɹ0$*ɿSVOD1P$ࢿࡐ63-ɹNPDIJ[VLJ$7&"QBDIF%FCJBOɹIUUQTHJUIVCDPNNPDIJ[VLJ$7&"QBDIF%FCJBOੋඇͬͯΈͯͶʂ˞ࣗ͝ͷڥͰʂʂʂʂίϯςφͷ߈ܸࣄྫ֓ཁ
IUUQTBUUBDLNJUSFPSHNBUSJDFTFOUFSQSJTFDPOUBJOFSTίϯςφͷ߈ܸࣄྫ֓ཁ.*53&"55$,߈ܸऀͷઓུʢ5BDUJDTʣͱٕज़ʢ5FDIOJRVFTʣΛੳ͠ཧͨ͠φϨοδϕʔεɻίϯςφʹରͯ͠ߦΘΕಘΔ߈ܸύλʔϯΛཧղ͢Δͷʹཱͭɻ
IUUQTBUUBDLNJUSFPSHNBUSJDFTFOUFSQSJTFDPOUBJOFSTίϯςφͷ߈ܸࣄྫ֓ཁ߈ܸϑΣʔζ߈ܸख๏.*53&"55$,߈ܸऀͷઓུʢ5BDUJDTʣͱٕज़ʢ5FDIOJRVFTʣΛੳ͠ཧͨ͠φϨοδϕʔεɻίϯςφʹରͯ͠ߦΘΕಘΔ߈ܸύλʔϯΛཧղ͢Δͷʹཱͭɻ
IUUQTBUUBDLNJUSFPSHNBUSJDFTFOUFSQSJTFDPOUBJOFSTίϯςφͷ߈ܸࣄྫ֓ཁ.*53&"55$,ຊओʹҎԼͰࣔͨ͠ՕॴΛରͱͯ͠߈ܸσϞΛߦͳ͍͖ͬͯ·͢ɻ
%FWFMPQFS,VCFSOFUFT$MVTUFS 8PSLFS/PEF8PSLFS/PEF.BOJGFTU$POUBJOFS*NBHF4FSWJDF"4FSWJDF#4FSWJDF$LVCFDUMBQQMZ.BTUFS/PEF8FCαΠτΛίϯςφͱͯ͠σϓϩΠ͋ΔνʔϜͰ,VCFSOFUFTΛίϯςφج൫ͱͯ͠ར༻͓ͯ͠ΓɺΞϓϦ։ൃऀ༷ʑͳαʔϏεΛίϯςφʢ1PEʣͱͯ͠σϓϩΠ͍ͯ͠·͢ɻ͋Δ࣌ɺ৽ͨʹ8FCαʔϏεΛϢʔβʔʹఏڙ͠Α͏ͱίϯςφΛσϓϩΠ͠·ͨ͠ɻ˞ࠓճͷέʔεͰ8FCαʔϏεσϓϩΠʹ༻͍ΔίϯςφΠϝʔδɺ,VCFSOFUFT.BOJGFTUʢίϯςφىಈઃఆʣɹʹηΩϡϦςΟϦεΫΛؚΜͰ͓Γɺ߈ܸऀͦΕΒΛར༻ͯ͠߈ܸΛֻ͚·͢ηΩϡϦςΟϦεΫΛؚΉίϯςφͷ߈ܸࣄྫ֓ཁ
%FWFMPQFS,VCFSOFUFT$MVTUFS 8PSLFS/PEF8PSLFS/PEF4FSWJDF"4FSWJDF#4FSWJDF$8FCLVCFDUMHFUQPE/".&3&"%:45"5643&45"354"(&XFC3VOOJOHNTFSWJDF@B3VOOJOHINTFSWJDF@C3VOOJOHINTFSWJDF@D3VOOJOHIN.BTUFS/PEFίϯςφͷ߈ܸࣄྫ֓ཁ͋ΔνʔϜͰ,VCFSOFUFTΛίϯςφج൫ͱͯ͠ར༻͓ͯ͠ΓɺΞϓϦ։ൃऀ༷ʑͳαʔϏεΛίϯςφʢ1PEʣͱͯ͠σϓϩΠ͍ͯ͠·͢ɻ͋Δ࣌ɺ৽ͨʹ8FCαʔϏεΛϢʔβʔʹఏڙ͠Α͏ͱίϯςφΛσϓϩΠ͠·ͨ͠ɻ˞ࠓճͷέʔεͰ8FCαʔϏεσϓϩΠʹ༻͍ΔίϯςφΠϝʔδɺ,VCFSOFUFT.BOJGFTUʢίϯςφىಈઃఆʣɹʹηΩϡϦςΟϦεΫΛؚΜͰ͓Γɺ߈ܸऀͦΕΒΛར༻ͯ͠߈ܸΛֻ͚·͢
6TFS,VCFSOFUFT$MVTUFS 8PSLFS/PEF8PSLFS/PEF4FSWJDF"4FSWJDF#4FSWJDF$8FC /8.BTUFS/PEF8FCαΠτʹΞΫηεϢʔβʔ৽ͨʹެ։͞Εͨ8FCαʔϏεʹΞΫηε͠ɺαʔϏεΛར༻͠·͢ɻίϯςφͷ߈ܸࣄྫ֓ཁ
ࠓճͷ8FCαʔϏεҎԼͷΑ͏ʹඇৗʹγϯϓϧͳ༰ͷͷͱͳ͍ͬͯ·͢ɻϖʔδʹຒΊࠐ·ΕͨϦϯΫΛΫϦοΫ͢ΔͱɺରͷϖʔδʹҠಈͰ͖ΔΑ͏ʹͳ͍ͬͯ·͢ɻIUUQDPOUBJOFSIBOETPOMPDBM˞-PBE#BMBODFSͳΜΒ͔ͷखஈΛ༻͍ͯίϯςφΛ֎෦ެ։͍ͯ͠Δίϯςφͷ߈ܸࣄྫ֓ཁ
ίϯςφͷ߈ܸࣄྫ֓ཁࠓճͷ8FCαʔϏεҎԼͷΑ͏ʹඇৗʹγϯϓϧͳ༰ͷͷͱͳ͍ͬͯ·͢ɻϖʔδʹຒΊࠐ·ΕͨϦϯΫΛΫϦοΫ͢ΔͱɺରͷϖʔδʹҠಈͰ͖ΔΑ͏ʹͳ͍ͬͯ·͢ɻ
"UUBDLFS,VCFSOFUFT$MVTUFS 8PSLFS/PEF8PSLFS/PEF4FSWJDF"4FSWJDF#4FSWJDF$8FC /8.BTUFS/PEFѱҙͷ͋ΔϢʔβʔʢ߈ܸऀʣ͕8FCαʔϏεͷηΩϡϦςΟϦεΫΛൃݟ͠ɺ߈ܸΛֻ͚Α͏ͱࢼΈ·͢ɻͳ͓ɺࠓճͷྫͰ߈ܸऀҰൠϢʔβʔͱಉ͘͡Πϯλʔωοτӽ͠ʹαʔϏεʹΞΫηε͢Δͷͱ͠·͢ɻ˞ຊདྷ߈ܸΛֻ͚Δࡍ߈ܸऀ͕ͲͷΑ͏ʹηΩϡϦςΟϦεΫΛൃݟ͢Δ͔ɺͲͷΑ͏ʹ߈ܸରͷߏΛΔ͔ɺɹͱ͍ͬͨ؍ߟྀ͢Δඞཁ͕͋Γ·͕͢ɺࠓճͷझࢫͱ͕ҳΕΔͨΊলུ͍͖ͤͯͨͩ͞·͢ɻ"UUBDLίϯςφͷ߈ܸࣄྫ֓ཁ
"UUBDLFS$POUBJOFS)PTUʢ8PSLFS/PEFʣ4FSWJDF"8FCࠓճͷγφϦΦͰ߈ܸऀҎԼͷͭͷ߈ܸΛࢼΈ·͢ɻɹ<γφϦΦᶃ>ίϯςφΛͬऔΔɹɹ8FCαʔϏεʹෆਖ਼ͳϦΫΤετΛૹΓ͚ͭΔ͜ͱͰίϯςφʹόοΫυΞΛֻ͚ͯ৵ೖ͢Δɻɹɹͦͷޙɺ8FCαΠτͷϦϯΫΛॻ͖͑Δɻɹ<γφϦΦᶄ>ίϯςφϗετΛͬऔΔɹɹ৵ೖͨ͠ίϯςφ͔Βίϯςφϗετʹରͯ͠ෆਖ਼ͳίϚϯυΛൃߦ͢ΔɻɹɹίϚϯυ࣮ߦʹΑΓόοΫυΞΛֻ͚Δ͜ͱͰίϯςφϗετʹ৵ೖ͢Δɻᶃίϯςφʹ৵ೖᶃ8FCαΠτΛॻ͖͑DNEᶄίϯςφϗετʹରͯ͠ෆਖ਼ͳίϚϯυΛ࣮ߦ#BDL%PPSᶄόοΫυΞΛ࡞ᶄόοΫυΞΛܦ༝ͯ͠৵ೖίϯςφͷ߈ܸࣄྫ֓ཁ˞։ൃऀ͕ηΩϡϦςΟϦεΫΛؚΉίϯςφΛσϓϩΠ͍ͯ͠ΔέʔεΛఆͨ͠߈ܸσϞΛతͱɹ͍ͯ͠ΔͨΊɺҙਤతʹ੬ऑͳڥΛ࡞͍ͯ͠·͢ɹ·ͨɺίϯςφϨΠϠͷϦεΫΛදݱ͢ΔͨΊɺ͋͑ͯج൫ཧϨΠϠͷηΩϡϦςΟରࡦɹߦ͍ͬͯ·ͤΜ
ͬऔ͍͎ͬͯ͘ʂʂ😎
"UUBDLFS$POUBJOFS)PTUʢ8PSLFS/PEFʣ࠷ॳʹ߈ܸऀҎԼͷΑ͏ͳ)551ϦΫΤετΛ8FCαʔϏείϯςφʹରͯ͠ൃߦ͠·͢ɻ͜ΕʹΑΓίϯςφͰෆਖ਼ʹίϚϯυ͕࣮ߦ͞Εɺίϯςφʹ৵ೖ͢ΔͨΊͷόοΫυΞ͕࡞͞Ε·͢ɻෆਖ਼ͳ)551ϦΫΤετΛૹ৴ODOWMQDVSM)VTFSBHFOU \^FDIPCJOODFCJOCBTI߈ܸ*1IUUQDPOUBJOFSIBOETPOMPDBMDHJCJOWVMOFSBCMF8FC߈ܸऀʢλʔϛφϧʣ߈ܸऀʢλʔϛφϧʣλʔϛφϧͷ)551ϦΫΤετͰϔομʹ༩ͨ͠ίϚϯυ͕࣮ߦ͞Εɺ߈ܸऀͱηογϣϯΛཱ֬ϙʔτͪड͚CJOODίϯςφͷ߈ܸࣄྫᶃίϯςφΛͬऔΔ
"UUBDLFS$POUBJOFS)PTUʢ8PSLFS/PEFʣ߈ܸऀͷλʔϛφϧͰίϯςφʹ৵ೖͰ͖ͨʢίϯςφͷTIFMMΛऔಘͰ͖ͨʣ͜ͱ͕֬ೝͰ͖·͢ɻ͜ΕʹΑΓ߈ܸऀίϯςφͰҙͷૢ࡞͕ՄೳʹͳΓ·ͨ͠ɻίϯςφʹ৵ೖODOWMQ-JTUFOJOHPO$POOFDUJPOSFDFJWFEPOJEVJE XXXEBUBHJE XXXEBUBHSPVQT XXXEBUB XIFFMIPTUOBNFXFC8FCίϯςφʢ߈ܸऀͷλʔϛφϧ͔Β৵ೖʣ߈ܸऀίϯςφͰҙͷίϚϯυΛ࣮ߦՄೳʹͳͬͨϙʔτͪड͚ίϯςφͱηογϣϯཱ֬ίϯςφͷ߈ܸࣄྫᶃίϯςφΛͬऔΔ
"UUBDLFS$POUBJOFS)PTUʢ8PSLFS/PEFʣ৵ೖͨ͠ίϯςφͰҎԼͷίϚϯυΛ࣮ߦ͠ɺ8FCίϯςϯπͷϦϯΫΛॻ͖͑·͢ɻ8FCαΠτΛॻ͖͑TVEPTFEJFTIUUQTaaaXXXLBUBDPEBDPNaDPVSTFTaLVCFSOFUFTEBOHFSIUNMWBSXXXIUNMJOEFYIUNM8FCίϯςφʢ߈ܸऀͷλʔϛφϧ͔Β৵ೖʣ˞ࠓճݕূ༻ͱ͍͏͜ͱͰ͋Β͔͡Ίίϯςφʹ༻ҙͨ͠μϛʔϖʔδʢWBSXXXIUNMEBOHFSIUNMʣʹϦϯΫઌΛมߋ͍ͯ͠·͢ɻϙʔτͪड͚ίϯςφͱηογϣϯཱ֬ίϯςφͷ߈ܸࣄྫᶃίϯςφΛͬऔΔ
࣮ࡍʹ8FCαΠτʹΞΫηεͯ͠Έ·͢ɻҰݟมΘΓ͋Γ·ͤΜ͕ɾɾɾίϯςφͷ߈ܸࣄྫᶃίϯςφΛͬऔΔ
ϦϯΫ͕վ᜵͞Ε͓ͯΓϢʔβʔҙਤ͠ͳ͍ϖʔδʹ༠ಋ͞Εͯ͠·͍·͢ɻ͜͜·ͰͰ߈ܸऀ8FCαʔϏεΛఏڙ͢Δίϯςφʹ৵ೖ͠ɺίϯςϯπͷվ᜵Λߦ͏͜ͱ͕Ͱ͖·ͨ͠ɻʢίϯςφΛͬऔΔ͜ͱ͕Ͱ͖ͨʣίϯςφͷ߈ܸࣄྫᶃίϯςφΛͬऔΔ
"UUBDLFS$POUBJOFS)PTUʢ8PSLFS/PEFʣଓ͍ͯ৵ೖͨ͠ίϯςφ͔Β8PSLFS/PEFͰҙͷίϚϯυΛ࣮ߦ͢Δ͜ͱΛࢼΈ·͢ɻ˞͜ͷΑ͏ʹຊདྷִ͞Ε͍ͯΔͣͷίϯςφ͔Βίϯςφ֎ʢϗετͳͲʣʹରͯ͠ӨڹΛٴ΅͢͜ͱΛ$POUBJOFS#SFBLPVUͱݺͿ·ͣίϯςφͰSPPUʢಛݖϢʔβʔʣʹঢ֨͠·͢ɻ͜ΕͰ৵ೖͨ͠ίϯςφͰ߈ܸऀSPPUͱͯ͠ৼΔ͏͜ͱ͕ՄೳʹͳΓ·ͨ͠ɻJEVJE XXXEBUBHJE XXXEBUBHSPVQT XXXEBUB XIFFMTVEPTVJEVJE SPPUHJE SPPUHSPVQT SPPU8FCίϯςφʢ߈ܸऀͷλʔϛφϧ͔Β৵ೖʣTVEPTVίϯςφͰಛݖϢʔβʔʹঢ֨ίϯςφͷ߈ܸࣄྫᶄίϯςφϗετΛͬऔΔ
"UUBDLFS$POUBJOFS)PTUʢ8PSLFS/PEFʣϗετͰ࣮ߦ͍ͨ͠ϓϩάϥϜΛίϯςφͰ࡞͠·͢ɻDBU&0'DNECJOTIFDIPIPTUOBNF$PNNBOEGSPN$POUBJOFSUNQPVUQVUIPTUOBNFUNQPVUQVU&0'DINPEYDNE8FCίϯςφʢ߈ܸऀͷλʔϛφϧ͔Β৵ೖʣDBUϓϩάϥϜΛ࡞DNEίϯςφͷ߈ܸࣄྫᶄίϯςφϗετΛͬऔΔ
"UUBDLFS$POUBJOFS)PTUʢ8PSLFS/PEFʣઌ΄ͲίϯςφͰ࡞ͨ͠ϑΝΠϧDNEͷ࣮ଶɺϗετ্ͷSPPUGTʹॴଐ͢ΔಛఆσΟϨΫτϦʹଘࡏ͢Δ͜ͱʹͳΓ·͢ɻ͜ΕίϯςφͷSPPUGT͕ϗετ্ͷ0WFSMBZ'4͔ΒϚϯτ͞Ε͍ͯΔͨΊͰ͢ɻ0WFSMBZ'4ෳͷσΟϨΫτϦΛॏͶ߹ΘͤͯͭͷϑΝΠϧγεςϜΛ࠶ݱ͢ΔΈͰ͋Γɺ0WFSMBZ'4ʹର͢Δߋ৽6QQFSEJSʹө͞Ε·͢ɻNPVOUUPWFSMBZPWFSMBZPOUZQFPWFSMBZ SX SFMBUJNF MPXFSEJSWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTGTWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTGTWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTGTWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTGTWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTGTWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTGTWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTGTWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTGTWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTGT VQQFSEJSWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTGT XPSLEJSWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTXPSL YJOPPff8FCίϯςφʢ߈ܸऀͷλʔϛφϧ͔Β৵ೖʣTZTGTDHSPVQSENBYOPUJGZ@PO@SFMFBTFDNE0WFSMBZGT6QQFSEJS-PXFSEJS -BZFS-PXFSEJS -BZFSXPSLDNE࣮ମϗετ্ͷ0WFSMBZGTʹଘࡏ˞Ϛϯτ͞Ε͍ͯΔ0WFSMBZGTͷϗετ্ͰͷύεɺίϯςφͰNPVOUίϚϯυΛ࣮ߦ͢Δ͜ͱͰ֬ೝՄೳͰ͢ɻίϯςφͷ߈ܸࣄྫᶄίϯςφϗετΛͬऔΔ
"UUBDLFS$POUBJOFS)PTUʢ8PSLFS/PEFʣίϯςφͰDHSPVQͱݺΕΔಛघͳϑΝΠϧγεςϜʹରͯ͠σΟϨΫτϦΛ࡞͠·͢ɻ͜ͷDHSPVQͱ͍͏ϑΝΠϧγεςϜʹ͍ͭͯίϯςφͱϗετͰڞ༗͞Ε͍ͯΔͨΊɺ͜͜Ͱίϯςφ͔ΒϗετͷDHSPVQΛૢ࡞͍ͯ͠Δ͜ͱʹͳΓ·͢ɻ˞ҰൠతʹίϯςφͱϗετͰϑΝΠϧγεςϜִ͞Ε·͢ɻ͔͠͠DHSPVQʹ͍ͭͯσϑΥϧτͰDHSPVQOBNFTQBDF͕ڞ௨Ͱ͋ΔͨΊɺํͰڞ༗͞ΕΔࣄʹͳΔ͜ͱʹͳΓ·͢ɻNLEJSTZTGTDHSPVQSENBYMTTZTGTDHSPVQSENBDHSPVQDMPOF@DIJMESFODHSPVQQSPDTDHSPVQTBOF@CFIBWJPSOPUJGZ@PO@SFMFBTFSFMFBTF@BHFOUUBTLTY8FCίϯςφʢ߈ܸऀͷλʔϛφϧ͔Β৵ೖʣSPPU!LTDMVTUFSXPSLFSdMTTZTGTDHSPVQSENBDHSPVQDMPOF@DIJMESFODHSPVQQSPDTDHSPVQTBOF@CFIBWJPSOPUJGZ@PO@SFMFBTFSFMFBTF@BHFOUUBTLTYίϯςφϗετTZTGTDHSPVQSENBYNLEJSίϯςφͰDHSPVQΛ࡞͢Δͱɺಉ͡ͷ͕ϗετ্ʹ࡞͞ΕΔίϯςφͷ߈ܸࣄྫᶄίϯςφϗετΛͬऔΔ
"UUBDLFS$POUBJOFS)PTUʢ8PSLFS/PEFʣDHSPVQ͕ίϯςφͱϗετͰڞ௨Ͱ͋Δ͜ͱΛར༻͢ΔͱɺҎԼͷΑ͏ͳίϚϯυૢ࡞Λߦ͏͜ͱͰઌ΄Ͳ༻ҙͨ͠ϓϩάϥϜΛDHSPVQͷػೳΛ༻͍ͯൃՐͤ͞ɺϗετ্Ͱ࣮ߦͰ͖ΔΑ͏ʹͳΓ·͢ɻ<ิ>ɹDHSPVQͱΧʔωϧ্ͷϓϩηεʹରͯ͠Ϧιʔεͷ੍ݶΛߦ͏ΈͰ͋Γɺ͜͜ͰDHSPVQWͷͭSFMFBTFBHFOUͱ͍͏ػೳΛར༻͍ͯ͠·͢ɻɹSFMFBTFBHFOUΛ༗ޮʢᶃʣʹ্ͨ͠ͰઃఆϑΝΠϧʹϓϩάϥϜΛొʢᶄʣ͓ͯ͘͜͠ͱͰɺಛఆͷDHSPVQʹॴଐ͢Δϓϩηε͕શͯऴྃʢᶅʣͨ͜͠ͱΛܖػʹɹͦͷϓϩάϥϜΛ࣮ߦ͢Δ͜ͱ͕Ͱ͖·͢ɻ8FCTZTGTDHSPVQSENBYOPUJGZ@PO@SFMFBTFίϚϯυ࣮ߦ TI0WFSMBZGT6QQFSEJS-PXFSEJS -BZFS-PXFSEJS -BZFSXPSLDNESFMFBTF@BHFOUొ͞ΕͨϓϩάϥϜΛൃՐDHSPVQQSPDTQSPDFTTίϚϯυ࣮ߦ࣌ʹ1*%͕ొ͞Εྃʹ͍আ͞ΕΔ˞Yʹॴଐ͢Δϓϩηε͕શͯऴྃͨ͠ͱΈͳ͞ΕΔϗετ্Ͱ࣮ߦFDIPTZTGTDHSPVQSENBYOPUJGZ@PO@SFMFBTFFDIPWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTGTDNETZTGTDHSPVQSENBSFMFBTF@BHFOUTIDFDIPaaTZTGTDHSPVQSENBYDHSPVQQSPDTίϯςφʢ߈ܸऀͷλʔϛφϧ͔Β৵ೖʣɾɾɾᶃɾɾɾᶄɾɾɾᶅϗετ্ͰͷDNEͷύείϯςφͷ߈ܸࣄྫᶄίϯςφϗετΛͬऔΔ
ίϯςφͰ༻ҙͨ͠ϓϩάϥϜ͕ϗετ্Ͱ࣮ߦ͞Εͨ͜ͱΛ֬ೝ͠·͢ɻࠓճҎԼͷΑ͏ʹϗετଆʹϑΝΠϧΛ࡞͠ɺϝοηʔδΛग़ྗ͢ΔίϚϯυΛϓϩάϥϜͰఆٛ͠·ͨ͠ɻϗετ্Ͱ֬ೝ͢ΔͱίϯςφͰ༻ҙͨ͠ϓϩάϥϜ͕࣮ߦ͞Εɺϝοηʔδ͕ग़ྗ͞Ε͍ͯΔ͜ͱ͕͔Γ·͢ɻ͜ΕͰ߈ܸऀίϯςφ͔Βϗετʹରͯ͠ҙͷίϚϯυΛൃߦͰ͖ΔΑ͏ʹͳΓ·ͨ͠ɻίϯςφͰ༻ҙͨ͠ϓϩάϥϜʢ࠶ܝʣSPPU!LTDMVTUFSXPSLFSdDBUUNQPVUQVUIPTUOBNF$PNNBOEGSPN$POUBJOFSLTDMVTUFSXPSLFSDBU&0'DNECJOTIFDIPIPTUOBNF$PNNBOEGSPN$POUBJOFSUNQPVUQVUIPTUOBNFUNQPVUQVU&0'ϗετ্ͰͷίϚϯυ࣮ߦ݁Ռίϯςφͷ߈ܸࣄྫᶄίϯςφϗετΛͬऔΔ
ίϯςφ͔Βϗετ্ͰҙͷίϚϯυΛ࣮ߦͰ͖Δ͜ͱΛར༻͠ɺϗετʹόοΫυΞΛֻ͚ͯ৵ೖ͢Δ͜ͱΛࢼΈ·͢ɻ·ͣϗετͷ*1ΞυϨεΛऔಘ͠·͢ɻίϯςφʢ߈ܸऀͷλʔϛφϧ͔Β৵ೖʣDBU&0'DNECJOTIJQBWBSMJCDPOUBJOFSEJPDPOUBJOFSETOBQTIPUUFSWPWFSMBZGTTOBQTIPUTGTJQUYU&0'ϗετ͔ΒݟͨίϯςφͷSPPUGTͷύεTIDFDIPaaTZTGTDHSPVQSENBYDHSPVQQSPDTDBUJQUYUʢུʣFOT#30"%$"45 .6-5*$"45 61 -08&3@61NUVREJTDNRTUBUF61HSPVQEFGBVMURMFOMJOLFUIFSDEDDCSEffffffffffffJOFUCSETDPQFHMPCBMFOTʢུʣϓϩάϥϜͷ࡞ϓϩάϥϜͷ࣮ߦϓϩάϥϜͷ࣮ߦ݁Ռͷ֬ೝίϯςφͷ߈ܸࣄྫᶄίϯςφϗετΛͬऔΔ
ҎԼͷΑ͏ͳίϚϯυΛͦΕͧΕ߈ܸऀٴͼίϯςφ࣮ͯߦ͢Δ͜ͱͰϗετʹରͯ͠όοΫυΞΛֻ͚ɺ߈ܸऀ͔Βϗετʹ৵ೖ͢Δ͜ͱ͕Ͱ͖·͢ɻίϯςφʢ߈ܸऀͷλʔϛφϧ͔Β৵ೖʣDBU&0'DNECJOTIODMcCBTIcOD߈ܸ*1&0'TIDFDIPaaTZTGTDHSPVQSENBYDHSPVQQSPDTODM߈ܸऀʢλʔϛφϧʣOD߈ܸऀʢλʔϛφϧʣ"UUBDLFS$POUBJOFS)PTUʢ8PSLFS/PEFʣ8FCDNEϙʔτͪड͚#BDL%PPSʢϙʔτͪड͚ʣ ϙʔτѼ௨৴όοΫυΞΛ࡞ίϯςφͷ߈ܸࣄྫᶄίϯςφϗετΛͬऔΔઌ΄Ͳऔಘͨ͠ϗετͷ*1ΞυϨε
߈ܸऀʹ͓͍ͯɺλʔϛφϧͰίϚϯυΛൃߦ͢Δͱͦͷ࣮ߦ݁Ռ͕λʔϛφϧʹදࣔ͞ΕΔΑ͏ʹͳΓ·ͨ͠ɻ͜ΕͰ߈ܸऀࣗͷ͔Βίϯςφϗετʹରͯ͠ҙͷίϚϯυΛൃߦͰ͖ΔΑ͏ʹͳΓ·ͨ͠ɻʢίϯςφϗετΛͬऔΔ͜ͱ͕Ͱ͖ͨʣODMVJE SPPUHJE SPPUHSPVQT SPPULTDMVTUFSXPSLFS$0/5"*/&3*%*."(&$3&"5&%45"5&/".&"55&.1510%*%GFEBCFEDFCNJOVUFTBHP3VOOJOHXFCFCDCFGFEEFDFDFCIPVSTBHP3VOOJOHTFSWJDF@BGEECFGFBFEFCCBECEEBZTBHP3VOOJOHLVCFQSPYZDEDBCBDGFEGCEEBZTBHP3VOOJOHDPSFEOTCEDF߈ܸऀʢλʔϛφϧʣODJEIPTUOBNFDSJDUMQT"UUBDLFS$POUBJOFS)PTUʢ8PSLFS/PEFʣ8FC߈ܸऀόοΫυΞΛܦ༝ͯ͠ҙͷίϚϯυΛ࣮ߦͰ͖ΔΑ͏ʹͳͬͨϙʔτͪड͚#BDL%PPSʢϙʔτͪड͚ʣ ϙʔτѼ௨৴JEIPTUOBNFDSJDUM߈ܸऀʢλʔϛφϧʣίϯςφͷ߈ܸࣄྫᶄίϯςφϗετΛͬऔΔ
ͬͨͥʂʂ😈
ᶃίϯςφΛͬऔΔ֎෦͔Βͷෆਖ਼ͳϦΫΤετʹΑΓίϯςφʹ৵ೖ͞ΕͨίϯςφͷϑΝΠϧʢ8FCίϯςϯπʣΛॻ͖͑ΒΕͨᶄίϯςφϗετΛͬऔΔίϯςφͰ༻ҙͨ͠ෆਖ਼ͳϓϩάϥϜΛϗετ্ʹஔ͞Εͨίϯςφ͔ΒϗετͷDHSPVQΛૢ࡞͞Εɺෆਖ਼ͳϓϩάϥϜΛ࣮ߦ͞Εͨࠓճͷ߈ܸͰߦΘΕͨ͜ͱΛཧ͢ΔͱҎԼͷΑ͏ʹͳΓ·͢ɻ͜ΕΒͷ߈ܸ։ൃऀͷൣғͰ͋ΔίϯςφΠϝʔδٴͼίϯςφϨΠϠʹؚ·ΕΔηΩϡϦςΟϦεΫΛѱ༻ͯ͠ߦΘΕ·ͨ͠ɻίϯςφͷ߈ܸࣄྫ߈ܸͷ·ͱΊ
Կ͕͍͚ͳ͔ͬͨͷ͔ʁͲ͏͢Εྑ͔ͬͨͷ͔ʁ
˞"QQMJDBUJPOʹ͍ͭͯ։ൃऀͷൣғͰ͋Γ·͕͢ɺࠓճͷझࢫͱҳΕΔͨΊ͜͜Ͱείʔϓ͔Βআ֎͍ͯ͠·͢ίϯςφΛσϓϩΠ͢Δʹ͋ͨΓ։ൃऀͦΕͧΕҎԼͭͷϨΠϠʹ͍ͭͯηΩϡϦςΟϦεΫΛҙࣝ͠ɺରࡦΛߟ͑Δඞཁ͕͋Γ·͢ɻɹɾ$POUBJOFS*NBHFɿͲͷΑ͏ͳίϯςφΛσϓϩΠ͢Δ͔ɹɾ$POUBJOFSɿσϓϩΠ͢ΔίϯςφʹͲͷΑ͏ͳઃఆΛߦ͏͔ίϯςφηΩϡϦςΟͷߟ͑ํ֓ཁ3FHJTUSZ$MPVE/8)PTU040SDIFTUSBUPS$POUBJOFS3VOUJNF$POUBJOFS$POUBJOFS*NBHF"QQMJDBUJPO%FWFMPQFS"ENJOJTUSBUPS%PDLFSfiMF,VCFSOFUFT.BOJGFTUࠓճ%PDLFSfiMFΛ༻͍ͯΠϝʔδΛϏϧυ͠ɺ,VCFSOFUFT.BOJGFTUΛ༻͍ͯ,VCFSOFUFT্ʹίϯςφΛσϓϩΠ͢Δͱ͍͏࠷ҰൠతͳέʔεΛ༻͍Δ͜ͱͱ͠·͢ɻ
ҎԼͰίϯςφΠϝʔδɺίϯςφͦΕͧΕͷϨΠϠʹ͓͚ΔηΩϡϦςΟͷߟ͑ํʹ͍ͭͯɺઌͷ߈ܸࣄྫΛݩʹεςοϓͰ͝આ໌͠·͢ɻجຊݪଇϦεΫରࡦ֤ϨΠϠʹ͓͍ͯηΩϡϦςΟΛߟ͑ΔࡍͷجຊݪଇΛઆ໌߈ܸࣄྫΛݩʹͲͷΑ͏ͳ͜ͱ͕ηΩϡϦςΟϦεΫʹͳΓಘΔ͔આ໌ηΩϡϦςΟରࡦͷ۩ମతͳख๏Λઆ໌ίϯςφηΩϡϦςΟͷߟ͑ํ֓ཁ
$POUBJOFS)PTUQSPDFTT$POUBJOFS"*NBHF"$POUBJOFS)PTUQSPDFTT$POUBJOFS#*NBHF#ඞཁ࠷খݶͷϥΠϒϥϦύοέʔδɺόΠφϦɺઃఆΛؚΊͨΠϝʔδඞཁҎ্ͷϥΠϒϥϦύοέʔδɺόΠφϦɺઃఆΛؚΊͨΠϝʔδίϯςφͷִڥʹඞཁ࠷খݶͷͷؚ͕·ΕΔঢ়ଶ ίϯςφͷִڥʹ༷ʑͳͷؚ͕·ΕΔঢ়ଶɹʻʻɹηΩϡϦςΟϦεΫɹʻʻɹΠϝʔδʹ༨ͳͷΛؚΊͳ͍ίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ جຊݪଇখ େ
ҰൠతʹΠϝʔδʹؚΊΔ͖Ͱͳ͍ͱ͞ΕΔͷෆཁͳύοέʔδ ෆཁͳϓϩάϥϜ*'ෆཁͳϓϩηε ෆཁͳઃఆൿີใίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ جຊݪଇ্هͷΑ͏ͳͷ͕ίϯςφʹؚ·Ε͍ͯΔ͜ͱͰɺىಈ͢Δίϯςφʹ੬ऑੑΛؚΜͰ͠·͏ϦεΫ߈ܸऀʹର͢Δ߈ܸͷػձΛ༩͑ͯ͠·͏͜ͱʢ"UUBDL4VSGBDFʣʹܨ͕Δ
ࠓճ߈ཱܸ͕ͯ͠͠·ͬͨέʔεʹ͓͍ͯɺ։ൃऀ͕༻ҙͨ͠Πϝʔδʢ%PDLFSfiMFʣ͕Ͳ͏͔ͩͬͨݟͯΈ·͠ΐ͏ɻҰݟ%PDLFSfiMFͰߦ͍ͬͯΔ͜ͱʹͳͦ͞͏Ͱ͢ɻ͔͠͠ͳ͕Β༻͍ͯ͠ΔϕʔεΠϝʔδຊʹ৴པͰ͖ΔͷͳͷͰ͠ΐ͏͔ɻ'30.NPDIJ[VLJDWFBQBDIFEFCJBOCVTUFS1MBDFDPOUFOU$01:JOEFYIUNMWBSXXXIUNM36/DIPXOXXXEBUBXXXEBUBWBSXXXIUNMJOEFYIUNM։ൃऀ͕༻ҙͨ͠%PDLFSfiMFʢNPDIJ[VLJUSBJOJOHXFCTJUFQPDWʣ˞ࠓճ͋͘·ͰྫͳͷͰ͔͋Β͞·ʹո͍͠ϕʔεΠϝʔδ໊ʹͳ͍ͬͯ·͕͢ɺɹ࣮ࡍͷέʔεͰ։ൃऀ͕Կͱͳ͘બఆͨ͠ΠϝʔδΛఆ͍ͯͩ͘͠͞ɹʢྫ͑։ൃऀ͕%PDLFS)VCͰQFSGPSNBODFMBCIJHIQFSGPSNBODFIUUQEWͷΑ͏ͳͷΛݟ͚ͭͯ༻ʣίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ ϦεΫ
։ൃऀ͕༻ͨ͠ϕʔεΠϝʔδͷதҎԼͷΑ͏ʹͳ͓ͬͯΓɺຊདྷؚΊΔ͖Ͱͳ͍༷ʑͳ༨ͳͷؚ͕·Ε͍ͯΔঢ়ଶͰͨ͠ɻ'30.EFCJBOCVTUFS*OTUBMMQBDLBHFTBOEQFSNJTTJPOTFUUJOH36/BQUHFUVQEBUFaBQUHFUVQHSBEFZa%*"/@'30/5&/%OPOJOUFSBDUJWFBQUHFUJOTUBMMZBQBDIFaBFONPEDHJEaBQUHFUZJOTUBMMMJCUJOGPaBQUHFUZJOTUBMMOFUDBUaBQUHFUJOTUBMMZTVEPaHSPVQBEEXIFFMaVTFSNPEB(XIFFMXXXEBUBaFDIPXIFFM"--/01"448%"--FUDTVEPFSTaBQUHFUDMFBOaSNSGWBSMJCBQUMJTUT*OKFDU$7&CBTI$01:QBDLBHFTQBDLBHFT36/EQLHJQBDLBHFT1MBDFDPOUFOU$01:WVMOFSBCMFVTSMJCDHJCJO$01:EBOHFSIUNMWBSXXXIUNM36/DIPXOXXXEBUBXXXEBUBWBSXXXIUNMaDIPXOXXXEBUBXXXEBUBVTSMJCDHJCJOWVMOFSBCMFaDINPEYVTSMJCDHJCJOWVMOFSBCMF&9104&$.%<VTSTCJOBQBDIFDUM %'03&(306/%>ෆཁͳύοέʔδෆཁͳઃఆ੬ऑੑΛؚΉύοέʔδ˞$7&ΛؚΉCBTIෆཁͳ*'ϕʔεΠϝʔδͷ%PDLFSfiMFʢNPDIJ[VLJDWFBQBDIFEFCJBOCVTUFSʣίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ ϦεΫ
ࠓճͷ߈ܸࣄྫͰ߈ܸऀ͕ίϯςφʹ৵ೖ͢Δࡍɺ8FCαʔόʔͷίϯςφʹରͯ͠ҎԼͷΑ͏ͳ)551ϦΫΤετΛൃߦ͍ͯ͠·ͨ͠ɻ͜ͷ)551ϦΫΤετͰίϯςφΠϝʔδʹؚ·Ε͍ͯͨҎԼͭͷཁૉΛѱ༻͢Δ͜ͱͰίϯςφͰҙͷίϚϯυΛϦϞʔτ࣮ߦ͢Δ͜ͱΛࢼΈ͍ͯ·͢ɻɹɾ$(*ʢ$PNNPO(BUFXBZ*OUFSGBDFʣɿ8FCαʔόʔʹஔ͞ΕͨϓϩάϥϜΛݺͼग़͢*'ɹɾ$7&ɿ($*ܦ༝ͰҙͷίϚϯυΛϦϞʔτ࣮ߦͰ͖ͯ͠·͏CBTIͷ੬ऑੑʢ4IFMM4IPDLʣͦͷ݁ՌɺίϯςφʹόοΫυΞΛֻ͚ɺίϯςφʹ৵ೖ͢ΔʹࢸΓ·ͨ͠ɻDVSM)VTFSBHFOU \^FDIPCJOODFCJOCBTI߈ܸ*1IUUQDPOUBJOFSIBOETPOMPDBMDHJCJOWVMOFSBCMF$(*ʹର͢ΔϦΫΤετ੬ऑੑΛར༻ͯ͠όοΫυΞΛֻ͚ΔίϚϯυΛ࣮ߦ߈ܸऀ͕֎෦͔Βίϯςφʹ৵ೖ͢Δࡍʹ༻͍ͨίϚϯυʢ࠶ܝʣίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ ϦεΫ
·ͨɺίϯςφΠϝʔδʹෆཁͳίϚϯυʢTVEPʣؚ͕·Ε͍ͯͨ͜ͱηΩϡϦςΟϦεΫͰ͋ͬͨͱ͍͑·͢ɻຊདྷίϯςφ͕ಈ࡞͢Δ্ͰඞཁͰͳ͍TVEPίϚϯυؚ͕·Ε͍ͯͨ͜ͱʹΑΓɺ߈ܸऀίϯςφʹ৵ೖޙɺಛݖϢʔβʔʹঢ֨͠ɺѱҙͷ͋Δૢ࡞Λߦ͏͜ͱ͕Ͱ͖ͯ͠·͍·ͨ͠ɻJEVJE XXXEBUBHJE XXXEBUBHSPVQT XXXEBUB XIFFMTVEPTVJEVJE SPPUHJE SPPUHSPVQT SPPUίϯςφ৵ೖޙͷಛݖঢ֨ʢ࠶ܝʣίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ ϦεΫ
දతͳΠϝʔδͷηΩϡϦςΟϦεΫʹରॲ͢ΔͨΊͷϓϥΫςΟε˙֓೦ɹ/*4541ΞϓϦέʔγϣϯίϯςφηΩϡϦςΟΨΠυʢ*1"ຊޠ༁൛ʣɹΠϝʔδͷରࡦɹIUUQTXXXJQBHPKQfiMFTQEG˙۩ମతͳઃఆɹ$*4#FODINBSL%PDLFSɹ$POUBJOFS*NBHFTBOE#VJME'JMF$POfiHVSBUJPOɹIUUQTXXXDJTFDVSJUZPSHCFODINBSLEPDLFSɹ#FTUQSBDUJDFTGPSXSJUJOH%PDLFSfiMFTɹIUUQTEPDTEPDLFSDPNEFWFMPQEFWFMPQJNBHFTEPDLFSfiMF@CFTUQSBDUJDFTίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ ରࡦ
ࠓճͷ߈ܸࣄྫͷΑ͏ʹ৴པͰ͖ͳ͍ϕʔεΠϝʔδΛ༻͢ΔͱΠϝʔδʹҙਤͤ͵ηΩϡϦςΟϦεΫΛؚΉةݥੑ͕͋Γ·͢ɻϕʔεΠϝʔδʹ৴པͰ͖ΔΠϝʔδΛ͏ɺ͘͠TDSBUDIͰΠϝʔδΛ࡞͢Δͱ͍͏͜ͱ͕ΠϝʔδͷηΩϡϦςΟରࡦΛߟ͑Δ্ͰͷେલఏͱͳΓ·͢ɻ0ffiDJBM*NBHFPG"QBDIF)5514FSWFS1SPKFDU'30.IUUQEBMQJOF1MBDFDPOUFOU$01:JOEFYIUNMVTSMPDBMBQBDIFIUEPDT36/DIPXOXXXEBUBXXXEBUBVTSMPDBMBQBDIFIUEPDTJOEFYIUNM%PDLFSfiMFʢIUUQEެࣜΠϝʔδΛ༻ʣʢNPDIJ[VLJUSBJOJOHXFCTJUFQPDWʣ৴པͰ͖ΔΠϝʔδΛར༻͢Δ˞Πϝʔδͱͯ͠༻͢ΔιϑτΣΞࣗମʹக໋తͳ੬ऑੑ͕ͳ͍͔ҙࣝ͢Δඞཁ͕͋Γ·͢ɻɹྫ͑ࠓճͷ߹IUUQEࣗମʹக໋తͳ੬ऑੑ͕ଘࡏ͍ͯ͠ͳ͍͔Λ༧Ί֬ೝ͓͖ͯ͘͠Ͱ͢ɻɹIUUQTIUUQEBQBDIFPSHTFDVSJUZWVMOFSBCJMJUJFT@IUNMίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ ରࡦ
༨ͳͷΛؚΊͳ͍ͱ͍͏؍Ͱ࡞͢ΔΠϝʔδΛͰ͖ΔݶΓখ͘͢͞Δ͜ͱ͕ॏཁʹͳΓ·͢ɻ·ͨɺ৴པͰ͖ΔΠϝʔδʢIUUQEͷެࣜΠϝʔδʣΛϕʔεΠϝʔδͱͯ͠༻͢Δ߹ͰɺλάόʔδϣϯʹΑͬͯΠϝʔδαΠζ͕ҟͳΓɺαΠζ͕େ͖ͳΠϝʔδఔͦ͜ʹ༨ͳʢ߈ܸʹ༻͞ΕಘΔʣͷؚ͕·ΕΔՄೳੑ͕ߴ͘ͳΓ·͢ɻ͜ͷΑ͏ͳཧ༝͔ΒɺҰൠతʹαΠζͷখ͍͞λάόʔδϣϯΛ༻͢Δํ͕ηΩϡϦςΟϦεΫগͳ͍ͱ͍͑·͢ɻIUUQEʢEFEJBOTMJNϕʔεʣͱBMQJOFʢBMQJOFϕʔεʣͷൺֱEPDLFSJNBHFT3&104*503:5"(*."(&*%$3&"5&%4*;&IUUQEDDBBIPVSTBHP.#IUUQEBMQJOFGFCBDEBZTBHP.#˞ͪΖΜͰ͕͢ɺϕʔεΠϝʔδ͔Β࡞͢ΔΠϝʔδʹ͍ͭͯෆཁͳύοέʔδΛۃྗؚ·ͳ͍Α͏ʹ͢Δͱ͍͏औΓΈॏཁͰ͢ɻΠϝʔδΛখ͘͢͞ΔίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ ରࡦ
͍͘ΒηΩϡϦςΟΛҙࣝͯ͠ΠϝʔδΛ࡞ͨ͠ͱͯ͠ҙਤͤͣ੬ऑੑةݥͳઃఆΛؚΜͰ͠·͏Մೳੑ͋Γ·͢ɻͦ͜Ͱॿ͚ʹͳΔͷ͕ίϯςφΠϝʔδͷεΩϟϯπʔϧͰ͢ɻ˙දతͳΠϝʔδεΩϟϯπʔϧɾίϯςφΠϝʔδʹؚ·ΕΔύοέʔδͷɹ੬ऑੑΛݕͰ͖Δɾͨͩ͠ύοέʔδϚωʔδϟʔΛ༻ͤͣɹόΠφϦ͔ΒΠϯετʔϧͨ͠ͷʹɹ͍ͭͯݕͰ͖ͳ͍ɾ%PDLFSfiMFLT.BOJGFTUͷɹεΩϟϯʹରԠɾίϯςφΠϝʔδ͕ϕετϓϥΫςΟεʹଇͬͨɹߏʹͳ͍ͬͯΔ͔ΛνΣοΫͰ͖Δɹɹɾ%PDLFS$*4#FODINBSLɹɹɾ%PDLMFಠࣗͷϓϥΫςΟεɾίϯςφΠϝʔδͷઃఆ্ͷηΩϡϦςΟϦεΫɹΛݕͰ͖Δɹʢ5SJWZͰݕͰ͖ͳ͍ύοέʔδҎ֎ͷϦεΫݕʹ༗ޮʣIUUQTHJUIVCDPNBRVBTFDVSJUZUSJWZ IUUQTHJUIVCDPNHPPEXJUIUFDIEPDLMFΠϝʔδΛεΩϟϯ͢Δ˞͜͜Ͱදతͳ044ͷΠϝʔδεΩϟϯπʔϧΛྫͱ͍ͯࣔͯ͠͠·͕͢͜Ε͕ਖ਼ղͱ͍͏ҙਤͰ͋Γ·ͤΜɻίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ ରࡦ
USJWZΛ༻͍ͯΠϝʔδΛεΩϟϯ͢Δ͜ͱͰɺҎԼͷΑ͏ʹΠϝʔδʹؚ·ΕΔύοέʔδͷ੬ऑੑΛݕͰ͖·͢ɻࠓճ߈ܸʹ༻͞Εͨ੬ऑੑʢ$7&ʣʹ͍ͭͯUSJWZΛ༻͍ͯݕͰ͖͍ͯΔ͜ͱ͕͔Γ·͢ɻ$ trivy --severity CRITICAL,HIGH mochizuki875/training-website-poc:v1.02021-08-30T19:13:57.535+0900 INFO Need to update DB2021-08-30T19:13:57.535+0900 INFO Downloading DB...23.09 MiB / 23.09 MiB [--------------------------------------------------------------------------------------------------------------------------] 100.00%12.18 MiB p/s 2s2021-08-30T19:14:00.488+0900 INFO Detected OS: debian2021-08-30T19:14:00.488+0900 INFO Detecting Debian vulnerabilities...2021-08-30T19:14:00.510+0900 INFO Number of language-specific files: 0mochizuki875/training-website-poc:v1.0 (debian 10.10)=====================================================Total: 43 (HIGH: 38, CRITICAL: 5)+---------------+------------------+----------+-----------------------+------------------+--------------------------------------------------------------+| LIBRARY | VULNERABILITY ID | SEVERITY | INSTALLED VERSION | FIXED VERSION | TITLE |+---------------+------------------+----------+-----------------------+------------------+--------------------------------------------------------------+| apache2 | CVE-2021-33193 | HIGH | 2.4.38-3+deb10u5 | | httpd: Request splitting via HTTP/2 || | | | | | method injection and mod_proxy || | | | | | -->avd.aquasec.com/nvd/cve-2021-33193 |+---------------+ + + +------------------+ +ɾɾɾ+---------------+------------------+----------+-----------------------+------------------+--------------------------------------------------------------+| bash | CVE-2014-6271 | CRITICAL | 4.2+dfsg-0.1 | 4.3-9.1 | bash: specially-crafted || | | | | | environment variables can be || | | | | | used to inject shell commands || | | | | | -->avd.aquasec.com/nvd/cve-2014-6271 |+ +------------------+----------+ +------------------+--------------------------------------------------------------+| | CVE-2012-6711 | HIGH | | 4.3-1 | bash: heap-based buffer || | | | | | overflow during echo of || | | | | | unsupported characters || | | | | | -->avd.aquasec.com/nvd/cve-2012-6711 |+ +------------------+ + +------------------+--------------------------------------------------------------+ɾɾɾ+---------------+------------------+ +-----------------------+------------------+--------------------------------------------------------------+| openssl | CVE-2021-3711 | | 1.1.1d-0+deb10u6 | 1.1.1d-0+deb10u7 | openssl: SM2 Decryption || | | | | | Buffer Overflow || | | | | | -->avd.aquasec.com/nvd/cve-2021-3711 |+---------------+------------------+----------+-----------------------+------------------+--------------------------------------------------------------+ίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ ରࡦ
$ dockle mochizuki875/training-website-poc:v1.02021-08-30T19:23:33.243+0900 INFO Failed to check latest version. not found version patternsFATAL - DKL-DI-0001: Avoid sudo command* Avoid sudo in container : RUN /bin/sh -c apt-get update && apt-get upgrade -y && DEBIAN_FRONTEND=noninteractive apt-get install -y apache2&& a2enmod cgid && apt-get -y install libtinfo5 && apt-get -y install netcat && apt-get install -y sudo && groupadd wheel &&usermod -aG wheel www-data && echo "%wheel ALL=NOPASSWD: ALL" >> /etc/sudoers && apt-get clean && rm -rf /var/lib/apt/lists/* # buildkitWARN - CIS-DI-0001: Create a user for the container* Last user should not be rootINFO - CIS-DI-0005: Enable Content trust for Docker* export DOCKER_CONTENT_TRUST=1 before docker pull/buildINFO - CIS-DI-0006: Add HEALTHCHECK instruction to the container image* not found HEALTHCHECK statementINFO - CIS-DI-0008: Confirm safety of setuid/setgid files* setuid file: urwxr-xr-x bin/ping* setuid file: urwxr-xr-x usr/bin/passwd* setuid file: urwxr-xr-x usr/bin/sudo* setgid file: grwxr-xr-x usr/bin/expiry* setgid file: grwxr-xr-x usr/bin/wall* setgid file: grwxr-xr-x usr/bin/chage* setuid file: urwxr-xr-x bin/umount* setuid file: urwxr-xr-x bin/su* setuid file: urwxr-xr-x usr/bin/gpasswd* setgid file: grwxr-xr-x sbin/unix_chkpwd* setuid file: urwxr-xr-x bin/mount* setuid file: urwxr-xr-x usr/bin/newgrp* setuid file: urwxr-xr-x usr/bin/chfn* setuid file: urwxr-xr-x usr/bin/chshEPDLMFΛ༻͍ͯΠϝʔδΛεΩϟϯ͢Δ͜ͱͰɺઃఆ্ͷηΩϡϦςΟϦεΫΛݕ͢Δ͜ͱ͕Ͱ͖·͢ɻࠓճͷ߈ܸྫʹ͓͍ͯίϯςφ৵ೖޙʹಛݖঢ֨ʹ༻͍ΒΕͨTVEPίϚϯυʹؔ͢Δܯࠂ͕ݕ͞Ε͍ͯΔ͜ͱ͕͔Γ·͢ɻίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ ରࡦ
ʢࢀߟʣΠϝʔδεΩϟϯͷܧଓతͳ࣮ࢪɹ࣌ؒͷܦաͱͱʹίϯςφΠϝʔδʹؚ·ΕΔ੬ऑੑ͕໌Β͔ʹͳͬͯ͘Δέʔε͋ΔͨΊɺɹ੬ऑੑεΩϟϯ͚ͩߦ͏ͷͰͳ͘ܧଓతʹߦ͏͜ͱॏཁʹͳ͖ͬͯ·͢ɻɹࠓճεΩϟϯπʔϧΛ୯ମͰར༻͍ͯ͠·͕͢ɺΠϝʔδεΩϟϯΛ$*πʔϧ&$3ͳͲϨδετϦʹ౷߹ͯ͠༻͍Δ͜ͱͰɺɹܧଓతʹΠϝʔδͷ੬ऑੑεΩϟϯΛߦ͏έʔεΑ͘ݟड͚ΒΕ·͢ɻίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ ରࡦ
/P ରࡦ ৄࡉ ৴པͰ͖ΔΠϝʔδΛར༻͢Δ৴པͰ͖ͳ͍Πϝʔδʹɺ੬ऑੑ"UUBDL4VSGBDFʹͳΓಘΔύοέʔδɺϚϧΣΞɺةݥͳઃఆͳͲ͋ΒΏΔηΩϡϦςΟϦεΫؚ͕·Ε͍ͯΔՄೳੑ͕͋ΔͨΊɺެࣜΠϝʔδΛ༻͍Δ͔ɺTDSBUDIͰΠϝʔδΛ࡞͖͢ɻ ΠϝʔδΛখ͘͢͞ΔҰൠతʹΠϝʔδ༰ྔ͕େ͖͍ͱ͍͏͜ͱΠϝʔδʹηΩϡϦςΟϦεΫΛؚΉՄೳੑߴ͘ͳΔͨΊɺՄೳͳݶΓΠϝʔδΛখ͖͘͢͞ɻ ΠϝʔδΛεΩϟϯ͢Δҙਤͤ͵੬ऑੑઃఆෆඋͷࠞೖΛࢭ͢ΔͨΊʹΠϝʔδͷεΩϟϯΛߦ͏ɻ࣌ؒܦաͱڞʹൃੜͨ͠੬ऑੑʹରԠ͢ΔͨΊεΩϟϯܧଓతʹߦ͏ɻ˞ͨͩ͠πʔϧΛ༻͍Δ͜ͱͰશͯͷηΩϡϦςΟϦεΫΛऔΓআ͚ΔΘ͚Ͱͳ͍ͨΊɹ Λ౿·্͑ͨͰิॿతͳׂͱͯ͠πʔϧΛ׆༻͖͢ɻηΩϡϦςΟରࡦ·ͱΊίϯςφηΩϡϦςΟͷߟ͑ํΠϝʔδ ରࡦ
$POUBJOFS)PTU04QSPDFTT"QSPDFTT#QSPDFTT$QSPDFTT%ίϯςφͱͯ͠ىಈ͢Δϓϩηείϯςφ͋͘·Ͱ04্Ͱ࣮ߦ͞ΕΔϓϩηεʹա͗·ͤΜɻSPPUGT ίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ جຊݪଇ
$POUBJOFS)PTU04QSPDFTT"SPPUGT QSPDFTT#QSPDFTT$SPPUGT QSPDFTT%$POUBJOFS*TPMBUJPO/BNFTQBDFɿϓϩηεͷ࣮ߦۭؒΛִQJWPU@SPPU0WFSMBZ'4ɿSPPUGTΛִ-JNJUBUJPODHSPVQɿϦιʔεΛ੍ݶ3FTUSJDUJPO$BQBCJMJUZɿϓϩηεͷݖݶൣғΛ੍ݶ4FDDPNQɿγεςϜίʔϧΛ੍ݶ."$ʢ"QQ"SNPS4&-JOVYʣɿϑΝΠϧΞΫηεΛ੍ݶ3FBE0OMZ.PVOUɿॏཁͳϑΝΠϧγεςϜʢQSPDTZTʣΛ30ͰϚϯτɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹFUDҰൠతͳϓϩηεͱίϯςφͷҧ͍ɺίϯςφͱ࣮ͯ͠ߦ͞ΕΔϓϩηε-JOVYΧʔωϧͷ༷࣋ͭʑͳΈΛͬͯଞͷϓϩηε͔Βִ͞Ε͍ͯΔͰ͢ɻίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ جຊݪଇ
$POUBJOFS)PTU$POUBJOFS)PTUQSPDFTT$POUBJOFS"QSPDFTT$POUBJOFS#ίϯςφͱͯ͠ͷִੑ͕ߴ͍ঢ়ଶ ίϯςφͱͯ͠ͷִੑ͕͍ঢ়ଶίϯςφͰಈ͘ϓϩηεͷಈ࡞͕ϗετʹӨڹ͠ͳ͍ίϯςφͰಈ͘ϓϩηεͷҰ෦ͷಈ࡞͕ϗετʹӨڹͯ͠͠·͏ίϯςφͷִੑΛҡ࣋͢ΔίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ جຊݪଇɹʻʻɹηΩϡϦςΟϦεΫɹʻʻɹখ େ
,VCFSOFUFT.BOJGFTUͰίϯςφʹର͢Δ༷ʑͳىಈઃఆΛఆٛͰ͖·͕͢ɺ͜ͷઃఆʹΑΓίϯςφͷִੑΛڧΊΔ͜ͱऑΊΔ͜ͱͰ͖·͢ɻ͜ΕΒΛదʹߦ͏͜ͱ͕ɺίϯςφϨΠϠʹ͓͚ΔηΩϡϦςΟ֬อʹܨ͕Γ·͢ɻBQJ7FSTJPOWLJOE1PENFUBEBUBMBCFMTSVOVCVOUVOBNFVCVOUVTQFDDPOUBJOFSTJNBHFVCVOUVOBNFVCVOUVTFDDPNNBOE<CJOTI D XIJMFEPTMFFQEPOF>SFTPVSDFTMJNJUTDQVNNFNPSZ.JTFDVSJUZ$POUFYUSFBE0OMZ3PPU'JMFTZTUFNUSVFWPMVNF.PVOUTNPVOU1BUIUNQOBNFIPTUQBUITBNQMFWPMVNFTOBNFIPTUQBUITBNQMFIPTU1BUIQBUIUNQLTNBOJGFTUͷྫ༻ՄೳϦιʔεΛ੍ݶ͢Δ͜ͱͰִੑ্ίϯςφͷSPPUGTͷॻ͖ࠐΈΛېࢭ͢Δ͜ͱͰִੑ্˞ίϯςφͷSPPUGTͷ࣮ଶίϯςφϗετ্ͷ0WFSMBZGTίϯςφϗετͷσΟϨΫτϦΛόΠϯυϚϯτ͓ͯ͠ΓִੑԼίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ جຊݪଇ
ִੑΛߴΊΔͨΊͷઃఆෆཁͳݖݶΛ༩͠ͳ͍ Ϧιʔεͷ੍ݶϗετͷσΟϨΫτϦΛϚϯτ͠ͳ͍ ίϯςφͰͷมߋΛېࢭΧʔωϧʹର͢Δૢ࡞ͷ੍ݶίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ جຊݪଇ
ࠓճ߈ཱܸ͕ͯ͠͠·ͬͨέʔεʹ͓͍ͯɺ։ൃऀ͕༻ҙͨ͠ίϯςφىಈઃఆʢ,VCFSOFUFT.BOJGFTUʣ͕Ͳ͏͔ͩͬͨݟͯΈ·͠ΐ͏ɻ,VCFSOFUFT.BOJGFTUΛݟͯΈΔͱɺίϯςφʹಛݖΛ༩͍ͯ͠Δ͜ͱ͕͔Γ·͢ɻBQJ7FSTJPOWLJOE1PENFUBEBUBMBCFMTSVOXFCOBNFXFCTQFDDPOUBJOFSTJNBHFNPDIJ[VLJUSBJOJOHXFCTJUFQPDWOBNFXFCTFDVSJUZ$POUFYUQSJWJMFHFEUSVFࠓճίϯςφͷىಈʹར༻ͨ͠ͷ,VCFSOFUFT.BOJGFTUʢXFCJOTFDVSFQPEZNMʣίϯςφʹಛݖΛ༩͍͑ͯΔίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ϦεΫ
ίϯςφΛಛݖͰಈ࡞ͤ͞Δͱ͍͏͜ͱίϯςφϓϩηεʹϗετͷಛݖϢʔβʔʢSPPUʣͱಉͷݖݶΛ࣋ͨͤΔ͜ͱʹͳΓɺίϯςφͷִੑΛԼͤ͞Δ͜ͱʹܨ͕Γ·͢ɻ$POUBJOFS)PTU04QSPDFTT"SPPUGT QSPDFTT#QSPDFTT$SPPUGT QSPDFTT%$POUBJOFS*TPMBUJPO/BNFTQBDFɿϓϩηεͷ࣮ߦۭؒΛִQJWPU@SPPU0WFSMBZ'4ɿSPPUGTΛִ-JNJUBUJPODHSPVQɿϦιʔεΛ੍ݶ3FTUSJDUJPO$BQBCJMJUZɿϓϩηεͷݖݶൣғΛ੍ݶ4FDDPNQɿγεςϜίʔϧΛ੍ݶ."$ʢ"QQ"SNPS4&-JOVYʣɿϑΝΠϧΞΫηεΛ੍ݶ3FBE0OMZ.PVOUɿॏཁͳϑΝΠϧγεςϜʢQSPDTZTʣΛ30ͰϚϯτɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹɹFUD1SJWJMFHFEϗετͷಛݖϢʔβʔͱಉͷݖݶίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ϦεΫ
NPVOUcHSFQDHSPVQʢུʣDHSPVQPOTZTGTDHSPVQNFNPSZUZQFDHSPVQ SX OPTVJE OPEFW OPFYFD SFMBUJNF NFNPSZDHSPVQPOTZTGTDHSPVQQJETUZQFDHSPVQ SX OPTVJE OPEFW OPFYFD SFMBUJNF QJETDHSPVQPOTZTGTDHSPVQDQV DQVBDDUUZQFDHSPVQ SX OPTVJE OPEFW OPFYFD SFMBUJNF DQV DQVBDDUDHSPVQPOTZTGTDHSPVQSENBUZQFDHSPVQ SX OPTVJE OPEFW OPFYFD SFMBUJNF SENBʢུʣʢಛݖίϯςφʣɹࠓճͷέʔεͰಛݖΛ༩͑ͨ͜ͱʹΑΓDHSPVQͷΞΫηεݖ͕38ʹઃఆ͞Ε·ͨ͠ࠓճͷ߈ܸࣄྫͰίϯςφʹಛݖΛ༩ͨ͜͠ͱͰɺຊདྷίϯςφͷΈ্3FBE0OMZ͕ઃఆ͞ΕΔ͖DHSPVQͷॻ͖ࠐΈ͕Մೳͳঢ়ଶͱͳ͍ͬͯ·ͨ͠ɻ͜ΕʹΑΓDHSPVQΛίϯςφ͔Βૢ࡞ͯ͠ɺϗετ্ͰҙͷϓϩάϥϜΛ࣮ߦ͢Δͱ͍͏߈ܸʹܨ͛Δ͜ͱ͕Ͱ͖ͯ͠·͍·ͨ͠ɻNPVOUcHSFQDHSPVQʢུʣDHSPVQPOTZTGTDHSPVQNFNPSZUZQFDHSPVQ SP OPTVJE OPEFW OPFYFD SFMBUJNF NFNPSZDHSPVQPOTZTGTDHSPVQQJETUZQFDHSPVQ SP OPTVJE OPEFW OPFYFD SFMBUJNF QJETDHSPVQPOTZTGTDHSPVQDQV DQVBDDUUZQFDHSPVQ SP OPTVJE OPEFW OPFYFD SFMBUJNF DQV DQVBDDUDHSPVQPOTZTGTDHSPVQSENBUZQFDHSPVQ SP OPTVJE OPEFW OPFYFD SFMBUJNF SENBʢུʣʢඇಛݖίϯςφʣɹ௨ৗίϯςφͰDHSPVQͷΞΫηεݖ30ʹઃఆ͞Ε·͢ίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ϦεΫ
NLEJSTZTGTDHSPVQSENBYɾɾɾTIDFDIPaaTZTGTDHSPVQSENBYDHSPVQQSPDTຊདྷίϯςφ͔ΒڐՄ͞Ε͍ͯͳ͍DHSPVQͷૢ࡞Λ௨ͨ͡ϓϩάϥϜͷ࣮ߦNLEJSTZTGTDHSPVQSENBYNLEJSDBOOPUDSFBUFEJSFDUPSZTZTGTDHSPVQSENBY3FBEPOMZfiMFTZTUFNʢඇಛݖίϯςφʣɹDHSPVQͷΞΫηεݖ͕30ͳͷͰDHSPVQͷ࡞͕ڐՄ͞Ε͍ͯͳ͍ʢಛݖίϯςφʣɹDHSPVQͷΞΫηεݖ͕38ʹઃఆ͞Ε͓ͯΓDHSPVQͷ࡞ઃఆมߋ͕ՄೳίϯςφηΩϡϦςΟͷߟ͑ํίϯςφࠓճͷ߈ܸࣄྫͰίϯςφʹಛݖΛ༩ͨ͜͠ͱͰɺຊདྷίϯςφͷΈ্3FBE0OMZ͕ઃఆ͞ΕΔ͖DHSPVQͷॻ͖ࠐΈ͕Մೳͳঢ়ଶͱͳ͍ͬͯ·ͨ͠ɻ͜ΕʹΑΓDHSPVQΛίϯςφ͔Βૢ࡞ͯ͠ɺϗετ্ͰҙͷϓϩάϥϜΛ࣮ߦ͢Δͱ͍͏߈ܸʹܨ͛Δ͜ͱ͕Ͱ͖ͯ͠·͍·ͨ͠ɻϦεΫ
·ͨɺࠓճͷྫͰ৵ೖͨ͠ίϯςφͰϑΝΠϧͷฤू৽ن࡞Λ࣮ߦͰ͖ͨ͜ͱɺ߈ཱܸ͕ͨ͠ཁҼͰ͋ͬͨͱݴ͑·͢ɻTVEPTFEJFTIUUQTaaaXXXLBUBDPEBDPNaDPVSTFTaLVCFSOFUFTEBOHFSIUNMWBSXXXIUNMJOEFYIUNM8FCίϯςϯπͷվ᜵ʢγφϦΦᶃʣDBU&0'DNECJOTIFDIPIPTUOBNF$PNNBOEGSPN$POUBJOFSUNQPVUQVUIPTUOBNFUNQPVUQVU&0'DINPEYDNEෆਖ਼ͳϓϩάϥϜͷ࡞ʢγφϦΦᶄʣίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ϦεΫ
߈ܸࣄྫͷதͰઆ໌ͨ͠௨ΓίϯςφͷSPPUGTͷ࣮ଶίϯςφϗετ্ͷ0WFSMBZGTͰ͋ΓɺίϯςφͰͷSPPUGTʹର͢Δมߋࠩ6QQFSEJSͱݺΕΔϗετ্ͷಛఆσΟϨΫτϦʹө͞Ε·͢ɻʢѱҙͷ͋ΔϑΝΠϧΛίϯςφ͔Βίϯςφϗετ্ʹஔͰ͖ͯ͠·͏ࣄʹͳΔʣ͕ͨͬͯ͠ɺίϯςφͰϑΝΠϧͷฤू৽ن࡞͕ߦ͑Δͱ͍͏͜ͱίϯςφͷִੑ͕͍ঢ়ଶͰ͋Δ͜ͱΛҙຯ͠ɺηΩϡϦςΟϦεΫʹͳΓಘΔͱݴ͑·͢ɻ˞,VCFSOFUFTʹ͓͍ͯσϑΥϧτͰɺίϯςφͷSPPUGTͷΞΫηεݖ͕38ʹͳ͍ͬͯ·͢ɻ$POUBJOFS)PTU04SPPUGT QSPDFTT$POUBJOFS0WFSMBZGT6QQFSEJS-PXFSEJS -BZFS-PXFSEJS -BZFSXPSLίϯςφSPPUGTͷ࣮ଶίϯςφͰ࡞ͨ͠ϑΝΠϧͷ࣮ଶίϯςφϗετ্ʹଘࡏ'JMFίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ϦεΫ
දతͳίϯςφͷηΩϡϦςΟϦεΫʹରॲ͢ΔͨΊͷϓϥΫςΟε˙֓೦ɹ/*4541ΞϓϦέʔγϣϯίϯςφηΩϡϦςΟΨΠυʢ*1"ຊޠ༁൛ʣɹίϯςφͷରࡦɹϗετͷରࡦʣɹIUUQTXXXJQBHPKQfiMFTQEG˙۩ମతͳઃఆɹ1PE4FDVSJUZ4UBOEBSETɹIUUQTLVCFSOFUFTJPEPDTDPODFQUTTFDVSJUZQPETFDVSJUZTUBOEBSETɹ/4"$*4",VCFSOFUFT)BSEFOJOH(VJEBODFʢ,VCFSOFUFT1PETFDVSJUZʣɹIUUQTNFEJBEFGFOTFHPW"VH$53@,6#&3/&5&4)"3%&/*/((6*%"/$&1%'ίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ରࡦ
,VCFSOFUFTͰίϯςφΛσϓϩΠ͢ΔࡍɺσϑΥϧτͰίϯςφϓϩηεʹର͢Δ੍ݶ͕ߦΘΕ·͢ɻͦͷͨΊಛʹઃఆΛߦΘͣͱ࠷ݶͷִੑΛ୲อ͢Δ͜ͱ͕Ͱ͖·͢ɻࠓճͷྫͰҎԼͷΑ͏ʹσϑΥϧτઃఆͰίϯςφΛىಈ͍ͯ͠Εɺίϯςφ͔Βϗετʹରͯ͠ίϚϯυΛ࣮ߦ͞ΕΔ͜ͱΛ͙͜ͱ͕Ͱ͖·ͨ͠ɻBQJ7FSTJPOWLJOE1PENFUBEBUBMBCFMTSVOXFCOBNFXFCTQFDDPOUBJOFSTJNBHFNPDIJ[VLJUSBJOJOHXFCTJUFQPDWOBNFXFCࠓճίϯςφͷىಈʹར༻ͨ͠ͷ,VCFSOFUFT.BOJGFTUʢXFCEFGBVMUQPEZNMʣίϯςφʹෆཁͳઃఆΛߦΘͳ͍,VCFSOFUFT1PE4FDVSJUZ4UBOEBSETʹ͓͚Δ#BTFMJOF૬ෆཁͳઃఆΛߦΘͳ͍ίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ରࡦ
σϑΥϧτͷઃఆʹରͯ͠దͳઃఆΛߦ͏͜ͱͰίϯςφͷִੑΛ্ͤ͞ɺηΩϡϦςΟϨϕϧΛߴΊΔ͜ͱ͕Ͱ͖·͢ɻ˞۩ମతͳઃఆͷҰཡʹ͍ͭͯઌʹࣔͨ͠ϓϥΫςΟεΛ͝ࢀর͍ͩ͘͞ɻBQJ7FSTJPOWLJOE1PENFUBEBUBMBCFMTSVOXFCTFDVSFOBNFXFCTFDVSFTQFDTFDVSJUZ$POUFYUTFDDPNQ1SPfiMFUZQF3VOUJNF%FGBVMUBVUPNPVOU4FSWJDF"DDPVOU5PLFOGBMTFDPOUBJOFSTJNBHFNPDIJ[VLJUSBJOJOHXFCTJUFQPDWOBNFXFCTFDVSJUZ$POUFYUBMMPX1SJWJMFHF&TDBMBUJPOGBMTFSFBE0OMZ3PPU'JMFTZTUFNUSVFDBQBCJMJUJFTESPQBMMBEE$)08/4&56*%4&5(*%/&5@#*/%@4&37*$&SFTPVSDFTMJNJUTDQVNNFNPSZ.JWPMVNF.PVOUTOBNFMPHWPMVNFNPVOU1BUIVTSMPDBMBQBDIFMPHTWPMVNFTOBNFMPHWPMVNFFNQUZ%JS\^ɾɾɾᶃɾɾɾᶄɾɾɾᶅɾɾɾᶆɾɾɾᶇɾɾɾᶆ<ִੑΛΑΓߴΊΔઃఆͷྫ>ɹɹᶃTFDDPNQʹΑΔγεςϜίʔϧͷ੍ݶɹɹᶄ4FSWJDF"DDPVOUΛϚϯτ͠ͳ͍ɹɹᶅಛݖঢ֨ͷېࢭɹɹᶆSPPUGTͷॻ͖ࠐΈېࢭɹɹᶇ$BQBCJMJUZͷണୣɾඞཁ࠷খݶͷ༩ɹɹᶈϦιʔε༻ྔΛ੍ݶִੑΛΑΓߴΊΔઃఆηΩϡϦςΟରࡦΛࢪͨ͠,VCFSOFUFT.BOJGFTUʢXFCTFDVSFQPEZNMʣ˞ಛʹࠓճͷ߈ܸʹؔ࿈͢Δରࡦ੨ࣈͰදه͍ͯ͠·͢ɻίϯςφηΩϡϦςΟͷߟ͑ํίϯςφɾɾɾᶈରࡦ
ίϯςφͷִੑΛΑΓߴΊΔઃఆͷදతͳ߲ͷͭͱͯ͠ɺίϯςφͷ࣮ߦϢʔβʔΛSPPUͱͤͣඇSPPUͱ͖͢ͱ͍ͬͨ༰͕ڍ͛ΒΕ·͢ɻ˞ίϯςφΠϝʔδɺ,VCFSOFUFT.BOJGFTUͰಛʹࢦఆ͠ͳ͍߹SPPUͰίϯςφ͕ىಈ͞ΕΔ'30.VCVOUV$.%<CJOTI D XIJMFEPTMFFQEPOF>BQJ7FSTJPOWLJOE1PENFUBEBUBMBCFMTSVOVCVOUVOBNFVCVOUVSPPUTQFDDPOUBJOFSTJNBHFNPDIJ[VLJVCVOUVSPPUOBNFVCVOUVSPPU'30.VCVOUV36/VTFSBEENVVTFS64&3VTFS803,%*3IPNFVTFS$.%<CJOTI D XIJMFEPTMFFQEPOF>BQJ7FSTJPOWLJOE1PENFUBEBUBMBCFMTSVOVCVOUVOBNFVCVOUVVTFSTQFDDPOUBJOFSTJNBHFNPDIJ[VLJVCVOUVSVOBTOBNFVCVOUVVTFSTFDVSJUZ$POUFYUSVO"T6TFSSVO"T(SPVQSVO"T/PO3PPUUSVF%PDLFSfiMFʢSPPUʣ.BOJGFTUʢSPPUʣ%PDLFSfiMFʢඇSPPUʣ.BOJGFTUʢඇSPPUʣίϯςφ࣮ߦϢʔβʔΛࢦఆίϯςφ࣮ߦϢʔβʔʢ6*%ʣΛࢦఆՃ͑ͯSPPUͰͷ࣮ߦΛېࢭίϯςφͷ࣮ߦϢʔβʔʹ͍ͭͯʢִੑΛߴΊΔઃఆͷͭʣίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ରࡦ
QTBVYGʢུʣSPPU 4MVTSCJODPOUBJOFSETIJNSVODWOBNFTQBDFLTJPJEECEGFCCFEFFSPPU 4Ta@QBVTFSPPU 4Ta@CJOTIDXIJMFEPTMFFQEPOFSPPU 4a@TMFFQʢུʣSPPU 4MVTSCJODPOUBJOFSETIJNSVODWOBNFTQBDFLTJPJEGDBDBCBDBEGCGDDBFBSPPU 4Ta@QBVTFVTFS 4Ta@CJOTIDXIJMFEPTMFFQEPOFVTFS 4a@TMFFQʢུʣLVCFDUMHFUQP/".&3&"%:45"5643&45"354"(&VCVOUVSPPU3VOOJOHNVCVOUVVTFS3VOOJOHNSPPUͰ࣮ߦͨ͠ίϯςφͷϓϩηεʢVCVOUVSPPUʣඇSPPUͰ࣮ߦͨ͠ίϯςφͷϓϩηεʢVCVOUVVTFSʣ͜Εɺίϯςφͱίϯςφϗετ্Ͱͷίϯςφϓϩηεͷ࣮ߦϢʔβʔ͕ΠίʔϧʹͳΔ͜ͱʹΑΓɺSPPUϢʔβʔͰ࣮ߦͨ͠ίϯςφ͕ίϯςφϗετ্ͰSPPUϓϩηεͱ࣮ͯ͠ߦ͞ΕΔ͜ͱʹͳΔͨΊͰ͢ɻʢݖݶִͷ؍ͰίϯςφͷִੑΛଛͳ͏ʣίϯςφىಈঢ়گίϯςφϗετ্Ͱͷϓϩηε֬ೝίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ରࡦ࣮ࡍʹίϯςφΛىಈͤ͞ɺίϯςφϗετ্Ͱϓϩηεͷ࣮ߦϢʔβʔΛ֬ೝ͢Δͱɺ͔֬ʹίϯςφͷ࣮ߦϢʔβʔͱϓϩηεͷ࣮ߦϢʔβʔ͕Ұக͍ͯ͠Δ͜ͱ͕͔Γ·͢ɻ˞͜Ε݄ݱࡏɺίϯςφͱϗετͷ6TFS/BNFTQBDF͕ڞ௨Ͱ͋Δͱ͍͏ΈʹΑΔͷ
ͨͩ͠લड़ͷ௨Γɺίϯςφ$BQBCJMJUZΛ͡Ίͱͨ͠ΧʔωϧͷΈʹΑΓɺͨͱ͑SPPUͰ࣮ߦͨ͠ͱͯ͠ݖݶ੍͕ݶ͞Ε·͢ɻʢجຊతʹSPPU࣮ߦͯ͠ͳ͍ʣ͔͠͠ίϯςφϥϯλΠϜͷ੬ऑੑʢ$7&ʣʹΑΓݖݶΛ੍ݶ͖͠Εͳ͍έʔεൃੜ͠ಘ·͢ɻͦ͏ͳͬͨ߹ɺίϯςφͷִੑΛҡ͖࣋͠Εͣ$POUBJOFS#SFBLPVUʹܨ͕ΔϦεΫʹͳΔͨΊجຊతʹίϯςφඇSPPUͰ࣮ߦ͖͢Ͱ͢ɻʢิʣࠓճͷྫʹ͓͚Δ࣮ߦϢʔβʔͷߟ͑ํࠓճ8FCαʔόʔͱͯ͠༻ͨ͠IUUQEͷ߹ϓϩηεͷΈ͕SPPUͰىಈ͠ɺϫʔΧʔϓϩηεඇSPPUϢʔβʔʢEBFNPOʣͰ࣮ߦ͞ΕΔͨΊίϯςφΛSPPUͰىಈͤ͞ΔϦεΫʹ͍ͭͯड༰ͨ͠ɻ˞OHJOYIUUQEΛ͡Ίͱͨ͠8FCαʔόʔͷެࣜΠϝʔδͰίϯςφϙʔτͱͯ͠ಛݖϙʔτʢϙʔτʣΛ༻͢Δཧ༝͔ΒɺSPPU࣮ߦΛલఏͱ͢Δͷ͕ଟ͍LVCFDUMFYFDJUXFCTFDVSFCJOTIVTSMPDBMBQBDIFQTBVY1*%64&35*.&$0.."/%SPPUIUUQE%'03&(306/%EBFNPOIUUQE%'03&(306/%EBFNPOIUUQE%'03&(306/%EBFNPOIUUQE%'03&(306/%EBFNPOIUUQE%'03&(306/%ɾɾɾ8PSLFSϓϩηεඇSPPUͰ࣮ߦ͞ΕΔIUUQEίϯςφͷϓϩηε࣮ߦϢʔβʔ֬ೝίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ରࡦ
ۙ-JOVY/BNFTQBDFͷɺ6TFS/BNFTQBDFΛίϯςφͱϗετͰ͢Δ͜ͱͰɺίϯςφΛSPPUͰ࣮ߦͯ͠ίϯςφϗετ্Ͱίϯςφϓϩηε͕ඇಛݖϢʔβʔͰ࣮ߦ͞ΕΔΑ͏ʹ͢ΔΈ͕ݕ౼͞Ε͍ͯ·͢ɻ˞ݱࡏίϯςφͱίϯςφϗετͰ6TFS/BNFTQBDF͕ڞ௨Ͱ͋ΔͨΊίϯςφͱϓϩηεͷ࣮ߦϢʔβʔ͕ಉ͡4VQQPSUOPEFMFWFMVTFSOBNFTQBDFSFNBQQJOHIUUQTHJUIVCDPNLVCFSOFUFTFOIBODFNFOUTJTTVFTʢࢀߟʣSPPUMFTTίϯςφίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ରࡦ
Πϝʔδͷ߹ͱಉ༷ɺ͍͘ΒηΩϡϦςΟΛҙࣝͯ͠ίϯςφىಈઃఆΛ࡞ͨ͠ͱͯ͠ɺҙਤͤͣةݥͳઃఆΛؚΜͰ͠·͏Մೳੑ͋Γ·͢ɻ,VCFSOFUFT.BOJGFTUʹ͍ͭͯηΩϡϦςΟϦεΫΛධՁ͢ΔͨΊͷεΩϟϯπʔϧ͕ଘࡏ͠·͢ɻ˙දతͳ,VCFSOFUFT.BOJGFTUεΩϟϯπʔϧɾ,VCFSOFUFT.BOJGFTUʹؚ·ΕΔηΩϡϦςΟɹϦεΫΛݕͰ͖ΔɾϚχϑΣετͷࣗಈमਖ਼͕ՄೳɾՔಇதͷ1PEʹର͢ΔεΩϟϯ͕ՄೳIUUQTHJUIVCDPNDPOUSPMQMBOFJPLVCFTFD IUUQTHJUIVCDPN4IPQJGZLVCFBVEJUɾ,VCFSOFUFT.BOJGFTUͷઃఆ߲ΛείΞͯ͠ɹηΩϡϦςΟϦεΫΛධՁ͢Δɾ$-*Ҏ֎ʹ)551αʔόʔͱͯ͠εΩϟϯػೳΛɹఏڙ͢Δ͜ͱ͕ՄೳLVCFBVEJU☁🔒💪,VCFTFDϚχϑΣετΛεΩϟϯ͢Δ˞͜͜Ͱදతͳ044ͷΠϝʔδεΩϟϯπʔϧΛྫͱ͍ͯࣔͯ͠͠·͕͢͜Ε͕ਖ਼ղͱ͍͏ҙਤͰ͋Γ·ͤΜɻɹ·ͨΫϥελϨΠϠͷʹͳΓ·͕͢ɺద༻ՄೳͳઃఆΛ01"ͳͲϙϦγʔΛ༻੍͍ͯޚ͢Δͱ͍ͬͨखஈߟ͑ΒΕ·͢ɻίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ରࡦ
,VCFTFDΛ༻͍ͯ,VCFSOFUFT.BOJGFTUΛεΩϟϯ͢Δ͜ͱͰɺҎԼͷΑ͏ʹίϯςφىಈઃఆͷධՁΛߦ͏͜ͱ͕Ͱ͖·͢ɻࠓճͷ߈ܸͷओཁҼͱͳͬͨ1SJWJMFHFEઃఆ͕$SJUJDBMͰݕ͞Ε͍ͯΔଞɺִੑΛߴΊΔͨΊͷਪઃఆ͕BEWJTFͱͯ͠ݕ͞Ε͍ͯΔ͜ͱ͕͔Γ·͢ɻLVCFTFDTDBOXFCJOTFDVSFQPEZNM<\PCKFDU1PEXFCJOTFDVSFEFGBVMU WBMJEUSVF fiMF/BNFXFCJOTFDVSFQPEZNM NFTTBHF'BJMFEXJUIBTDPSFPGQPJOUT TDPSF TDPSJOH\DSJUJDBM<\JE1SJWJMFHFE TFMFDUPSDPOUBJOFST<>TFDVSJUZ$POUFYUQSJWJMFHFEUSVF SFBTPO1SJWJMFHFEDPOUBJOFSTDBOBMMPXBMNPTUDPNQMFUFMZVOSFTUSJDUFEIPTUBDDFTT QPJOUT^> BEWJTF<\JE"QQBSNPS"OZ TFMFDUPSNFUBEBUBBOOPUBUJPOTaDPOUBJOFSBQQBSNPSTFDVSJUZCFUBLVCFSOFUFTJPOHJOYa SFBTPO8FMMEFfiOFE"QQ"SNPSQPMJDJFTNBZQSPWJEFHSFBUFSQSPUFDUJPOGSPNVOLOPXOUISFBUT8"3/*/(/05130%6$5*0/3&"%: QPJOUT^ ɾɾɾ{"id": "ReadOnlyRootFilesystem","selector": "containers[] .securityContext .readOnlyRootFilesystem == true","reason": "An immutable root filesystem can prevent malicious binaries being added to PATH and increase attack cost","points": 1},ίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ରࡦ
/P ରࡦ ৄࡉ ෆཁͳઃఆΛߦΘͳ͍,VCFSOFUFTͰಛʹઃఆΛߦΘͳͯ͘࠷ݶͷִੑ୲อ͞ΕΔ˞ಛʹҙຯΛཧղͤͣઃఆΛՃ͢ΔͱίϯςφͷִੑΛԼͤ͞ΔڪΕ͕͋Δ ΑΓִੑΛߴΊΔઃఆϓϥΫςΟεΛࢀߟʹΑΓִੑΛߴΊΔͨΊͷઃఆΛՃ͢Δίϯςφͷ࣮ߦϢʔβʔΛඇSPPUʹઃఆ͢Δ ىಈઃఆͷεΩϟϯ ִੑΛԼͤ͞Δةݥͳઃఆ͕ͳ͍͔πʔϧΛ༻͍ͯ֬ೝ͢ΔηΩϡϦςΟରࡦ·ͱΊίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ରࡦ
1PE4FDVSJUZ"ENJTTJPOɹ,VCFSOFUFTͷ1PE4FDVSJUZ4UBOEFSEʹ४ڌͨ͠1PEͷΈσϓϩΠΛڐՄ͢Δػೳɻɹɹ,VCFSOFUFTW࣌ͰBMQIBػೳͱ࣮ͯ͠͞ΕͨɻɹIUUQTLVCFSOFUFTJPEPDTDPODFQUTTFDVSJUZQPETFDVSJUZBENJTTJPOLVCFTDBQFɹՔಇதͷ1PE͕/4"$*4",VCFSOFUFT)BSEFOJOH(VJEBODFͷ߲ʹ४ڌ͍ͯ͠Δ͔Λݕࠪ͢ΔπʔϧɻɹIUUQTHJUIVCDPNBSNPTFDLVCFTDBQFͦͷଞʹ࠷ۙ։ൃ͕ਐΜͰ͍Δίϯςφͷִੑ֬อΛิॿ͢Δπʔϧͱͯ͠ҎԼͷͷ͕͋Γ·͢ɻʢࢀߟʣίϯςφηΩϡϦςΟͷߟ͑ํίϯςφ ରࡦ
։ൃऀઢͰҙ͖ࣝ͢ίϯςφηΩϡϦςϦεΫɹɾϦεΫΛ࣮ײ͢ΔͨΊʹ߈ܸͷϞσϧέʔεΛ༻͍ͯ۩ମԽͯ͠͝આ໌͠·ͨ͠։ൃऀઢͰҙ͖ࣝ͢ίϯςφηΩϡϦςΟରࡦͷߟ͑ํɹɾ߈ܸࣄྫΛͱʹ֤ϨΠϠʹ͓͚Δରࡦͷߟ͑ํΛମܥԽ͠·ͨ͠ɹɹɹɾΠϝʔδϨΠϠɿΠϝʔδʹ༨ͳͷΛؚΊͳ͍ɹɹɹɾίϯςφϨΠϠɿίϯςφͷִੑΛҡ࣋͢Δɹɾࠓճࣔͨ͠ߟ͑ํΛϕʔεʹ۩ମతʹͲͷΑ͏ͳπʔϧΛͲ͏༻͍ͯରࡦ͢Δ͔ߟ͑Δɹɹ˞۩ମతରࡦʹ͍ͭͯϓϥΫςΟεΛࢀর͍ͯͩ͘͠͞ίϯςφηΩϡϦςΟΛҙࣝ͢Δ͖͔͚ͬ࡞Γͱͯ͠ͷҐஔ͚ɹɹɾຊͷ༰͕օ༷͕ίϯςφηΩϡϦςΟΛҙࣝ͠ߟ͑Δ্ͰͷҰॿͱͳΕ͍Ͱ͢·ͱΊ
PQTYDRFYQMPJU$7&˞ࠓճͷ߈ܸγφϦΦᶃҰ෦ͪ͜ΒΛࢀߟʹ͍͍ͤͯͯ͞·͢IUUQTHJUIVCDPNPQTYDRFYQMPJU$7&$POUBJOFS4FDVSJUZ#PPL˞ࠓճͷ߈ܸγφϦΦᶄҰ෦ͪ͜ΒΛࢀߟʹ͍͍ͤͯͯ͞·͢IUUQTDPOUBJOFSTFDVSJUZEFWTFDVSJUZCSFBLPVUUPIPTUIUNM%PDLFS,VCFSOFUFT։ൃɾӡ༻ͷͨΊͷηΩϡϦςΟ࣮ફΨΠυIUUQTCPPLNZOBWJKQFDQSPEVDUTEFUBJMJEίϯςφٕज़ೖԾԽͱͷҧ͍ΛΓɺཁૉٕज़Λ৮ֶͬͯ΅͏IUUQTFIDBSFFSDPNFOHJOFFSIVCFOUSZࢀߟ
5IBOL:PV
Ҿ͖ଓָ͖͠ΜͰߦ͖·͠ΐ͏ʂ
mochizuki875
mongolyy
pauli
picardparis
ama_ch
weaverryan
tomoaki25
adavis
kentosuzuki
huffon
kyonmm
tammyeverts
kobayang
paulrobertlloyd
marktimemedia
robhawkes
eileencodes
iamctodd
jnunemaker
orderedlist
marcelosomers
keathley
tammielis
productmarketing
soudai