You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Users can gain access to their containers/pods by having the system to run docker exec / kubectl exec on their behalf.
There was an issue with the docker exec / kubectl exec commands that allowed a user to get access to the shell running the commands because the user input command was passed as a string directly on in the shell command string.
That was fixed by quoting the user input string, but to mitigate these kinds of attacks, we want to avoid the user getting shell access even if they somehow break out of the docker exec / kubectl exec command.
The text was updated successfully, but these errors were encountered:
Users can gain access to their containers/pods by having the system to run docker exec / kubectl exec on their behalf.
There was an issue with the docker exec / kubectl exec commands that allowed a user to get access to the shell running the commands because the user input command was passed as a string directly on in the shell command string.
That was fixed by quoting the user input string, but to mitigate these kinds of attacks, we want to avoid the user getting shell access even if they somehow break out of the docker exec / kubectl exec command.
The text was updated successfully, but these errors were encountered: