Re: [kubernetes/kubernetes] CVE-2017-1002102 - atomic writer volume handling allows arbitrary file deletion in host filesystem (#60814)

Michelle Au

Apr 4, 2018, 12:00:15 PM
to kubernetes/kubernetes, k8s-mirror-storage-bugs, Team mention

@sgorbaty thanks for reviewing the patch! Hard links are fine in this case because they cannot cross mounts. In general, if you see any further issues, please report them following the security disclosure process.

@kubernetes/sig-storage-bugs


You are receiving this because you are on a team that was mentioned.
Reply to this email directly, view it on GitHub, or mute the thread.

Ming Fang

Apr 25, 2018, 2:58:52 AM
to kubernetes/kubernetes, k8s-mirror-storage-bugs, Team mention

Forcing configmap and secret mounts to be readonly is not acceptable.
I should have the option to make it writeable.
Also the ReadOnlyAPIDataVolumes feature gate will be removed so I'm forced to change my application because of this.

Pushkar Joglekar

May 16, 2022, 6:01:12 PM
to kubernetes/kubernetes, k8s-mirror-storage-bugs, Team mention

/label official-cve-feed

(Related to kubernetes/sig-security#1)


Message ID: <kubernetes/kubernetes/issues/60814/1128180065@github.com>
