Skip to content

Add security page #161

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
a-mccarthy merged 1 commit into from
Jun 11, 2025
Merged

Add security page #161

a-mccarthy merged 1 commit into from
Jun 11, 2025

Conversation

@a-mccarthy
Copy link
Collaborator

@a-mccarthy a-mccarthy commented Feb 18, 2025

Part of #155

@github-actions
Copy link

github-actions bot commented Feb 18, 2025

Documentation preview

https://nvidia.github.io/cloud-native-docs/review/pr-161

a-mccarthy
a-mccarthy commented Feb 18, 2025
View reviewed changes
gpu-operator/security.rst



CVEs
Copy link
Collaborator Author

@a-mccarthy a-mccarthy Feb 18, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Do we think a table like this is useful? Are their other fields we should maintain in our docs (all the CVE info is also in the linked bulletins)

There are a few more of these CVEs that relate to vulnerabilities in images used in older version. For completeness, we should probably include them as well, but i wanted to make sure that the table was valuable before i went to the trouble of adding all the rest.

Copy link
Contributor

@cdesiniotis cdesiniotis Feb 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it is valuable. I don't think we should add any more information to this table though. The security bulletin should be the source of truth and readers should be redirected there if they want more information about any particular CVE.

cdesiniotis
cdesiniotis reviewed Feb 20, 2025
View reviewed changes
Copy link
Contributor

@cdesiniotis cdesiniotis left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@a-mccarthy Thanks for this PR! I am good with these changes, but I would like to get another opinion on the table contents.

gpu-operator/security.rst



CVEs
Copy link
Contributor

@cdesiniotis cdesiniotis Feb 20, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I think it is valuable. I don't think we should add any more information to this table though. The security bulletin should be the source of truth and readers should be redirected there if they want more information about any particular CVE.

@cdesiniotis
Copy link
Contributor

cdesiniotis commented Feb 20, 2025

ping @tariq1890 @francisguillier

tariq1890
tariq1890 reviewed Feb 21, 2025
View reviewed changes
gpu-operator/security.rst Outdated

- Access to the host file system and hardware devices, such as NVIDIA GPUs.
- Restart system services such as containerd.
- Permit users to list all GPU clients using the ``nvidia-smi`` utility.
Copy link
Contributor

@tariq1890 tariq1890 Feb 21, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I don't think this is a valid reason:

Permit users to list all GPU clients using the ``nvidia-smi`` utility.

Let's add Loading and unloading kernel modules to the list

Copy link
Collaborator Author

@a-mccarthy a-mccarthy Jun 6, 2025

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

updated. i removed the permit line and added a line for loading and unloading kernel modules

@a-mccarthy a-mccarthy mentioned this pull request Feb 22, 2025
Closed
@a-mccarthy
Add security page
7286e97 
Signed-off-by: Abigail McCarthy <20771501+a-mccarthy@users.noreply.github.com>
@a-mccarthy a-mccarthy force-pushed the add-security-page branch from 7d81dff to 7286e97 Compare June 6, 2025 21:30
@a-mccarthy a-mccarthy merged commit 4a00ae6 into NVIDIA:main Jun 11, 2025
2 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@tariq1890 tariq1890 tariq1890 approved these changes

@cdesiniotis cdesiniotis Awaiting requested review from cdesiniotis

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@a-mccarthy @cdesiniotis @tariq1890