Skip to content
This repository has been archived by the owner on Aug 14, 2020. It is now read-only.

spec: define pod security requirements #277

Open
jonboulle opened this issue Apr 1, 2015 · 1 comment
Open

spec: define pod security requirements #277

jonboulle opened this issue Apr 1, 2015 · 1 comment
Milestone
v1.0.0

Comments

@jonboulle
Copy link
Contributor

The spec needs to touch on what the security requirements are for a pod.

Is any isolation of users required between pods?
What user does each application run under and can this be root (i.e. "real" root in the host)?

This might (but not necessarily) be addressed by #231
@jonboulle jonboulle added this to the v1.0.0 milestone Apr 1, 2015
jonboulle added a commit to jonboulle/spec that referenced this issue Apr 1, 2015
@jonboulle
spec: remove TODOs, fix block isolators
43d04eb 
Replace TODOs in spec text with GitHub issues:
- appc#276
- appc#277
- appc#278

Change block isolator wording to apply to specific devices (looks like
previous situation was copypastaed from network isolators)
@jonboulle jonboulle mentioned this issue Apr 1, 2015
Merged
@philips
Copy link
Contributor

philips commented Apr 10, 2015

I think it can be any user including root. Isolation between pods seems like an executor and configuration and it feels out of scope for the spec.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
v1.0.0
Development

No branches or pull requests
2 participants
@philips @jonboulle