Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Bug: Unnecessary permissions in manifests #557

Open
Yseona opened this issue Jun 2, 2024 · 1 comment
Open

Bug: Unnecessary permissions in manifests #557

Yseona opened this issue Jun 2, 2024 · 1 comment

Comments

@Yseona
Copy link

Yseona commented Jun 2, 2024

Description

The bug is that the Deployment vitess-operator in the manifests has too much RBAC permissions than it needs. The service account of vitess-operator is bound to a role(role.yaml) with the following permissions:

  • create/patch/update/delete verb of the daemonsets/deployments/pods/replicasets/statefulsets resource (Role)
  • patch/update/delete verb of the services resource (Role)

After reading the source code of vitess-operator, I didn't find any Kubernetes API usages using these permissions. Besides, some of these unused permissions may have potential risks. For example, if malicious users gain control of a Kubernetes node running a vitess-operator pod, they can use the create deployments permission to create privileged containers with malicious container images.

Therefore, these permissions should be rechecked to determine if they are truly unnecessary. If they are, the issue should be fixed by removing the unnecessary permissions or other feasible methods.

To Reproduce

Use the manifests with default values.

@frouioui
Copy link
Member

frouioui commented Dec 2, 2024

This is interesting! I think it's worth fixing for sure. @Yseona do you mind contributing a Pull Request for this?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants