Debugger Chen
Currently, the Operator may allow a user with a single namespace permission to reference secrets in other namespaces, which can be a security concern. Should we add some Webhook/CEL to...
Dear developers, I am writing to express a security concern regarding the security practice of this Operator. To avoid disclosing sensitive details here, we'd prefer to share more information privately....
Currently namespace-scoped users can access their unauthorized namespaces indirectly via Consumer. Perhaps better with a webhook for authorization.
Currently the kcluster can reference secrets in any namespace, which may enable a namespace-scoped user to reference secrets in their unauthorized namespace. Perhaps it's better to only let kcluster reference...
The Operator will create ClusterRoleBindings when reconciling a namespace-scoped CR, which may enable namespace-scoped users to elevate privileges.