[sig-node] Exception Request for KEP #6035

5 views
Skip to first unread message

Dhanush Muralidharan

unread,
Jun 16, 2026, 6:34:15 AM (6 days ago) Jun 16
to sig-...@kubernetes.io, kubernetes-...@googlegroups.com, releas...@kubernetes.io
Enhancement name: Exec Session Identity Propagation
Enhancement status: AlphaSIG: SIG-Nodek/enhancements repo issue #: https://github.com/kubernetes/enhancements/issues/6035PR #'s: https://github.com/kubernetes/enhancements/pull/6036Additional time needed: 3 days (AoE Time) as we are waiting for reviews and there are no action items pending from our end.Reason this enhancement is critical for this milestone: Delay caused by consolidating two KEPs into one. Requires CRI protobuf changes, so runtime implementers need adequate runway. Deferring slips the feature a full release cycle.Risks from adding code late: Low. Alpha, off by default. CRI proto change is purely additive; runtimes that have not implemented it yet silently ignore it.Risks from cutting enhancement: Exec session auditing gap stays open. No upstream mechanism to correlate who ran what inside an exec session, exploitable by privileged insiders. Deferring also delays runtime implementers from picking up the CRI changes.

Thanks,
Dhanush 

Dhanush Muralidharan

unread,
Jun 16, 2026, 6:34:15 AM (6 days ago) Jun 16
to kubernetes-...@googlegroups.com, sig-...@kubernetes.io, releas...@kubernetes.io
Enhancement name: Exec Session Identity Propagation
Enhancement status: AlphaSIG: SIG-Nodek/enhancements repo issue #: https://github.com/kubernetes/enhancements/issues/6035PR #'s: https://github.com/kubernetes/enhancements/pull/6036Additional time needed: 3 days (AoE Time)

Dhanush Muralidharan

unread,
Jun 16, 2026, 6:34:16 AM (6 days ago) Jun 16
to sig-node, Dhanush Muralidharan, kubernetes-...@googlegroups.com, releas...@kubernetes.io

Requesting this exception as we are waiting for reviews from people. 
DISCLAIMER: The contents of this email, including any attachments that it may contain, are privileged and confidential information, and may also constitute as proprietary, and are intended solely for the use of the addressee(s). If you are not the intended recipient, please notify the sender by email and delete the original message. Unintended recipients are strictly prohibited from copying, disclosing, and/or distributing such contents in any manner or form. Opinions, conclusions, and other information in this transmission that do not relate to the official business of Amagi, including all its affiliates, shall be understood as neither given nor endorsed by it. Any statements made herein that are tantamount to contractual obligations, promises, claims or commitments shall not be binding on the Company unless expressly and specifically stated as otherwise, or followed by written confirmation, by an authorized signatory of the Company.
Reply all
Reply to author
Forward
0 new messages