Describe the feature you'd like to have.
The VolSync controller should look for a well-known annotation on the user's Namespace that would serve as an indicator that movers should be run with elevated privileges in that Namespace.
What is the value to the end user? (why is it a priority?)
Reducing the (default) permissions that are granted to movers enhances the security of the cluster by ensuring that movers (which run in the user's Namespace) only run w/ permissions that are equivalent to that of a normal user. Unfortunately, that will limit the ability of movers to preserve file metadata such as uid/gid and some attrs. It may also prevent reading (and replicating) some files. For this reason, it must be possible to securely signal that movers should be run w/ elevated privileges when these additional items need to be replicated.
By using an annotation on the Namespace, we ensure that an entity w/ elevated privileges has "ok-ed" the mover elevation.
How will we know we have a good solution? (acceptance criteria)
Document the annotation that VolSync will use and explain the implications of the enhanced privileges: more accurate replication, but potential for user privilege escalation.
The controllers should look for the annotation and make that information available as a flag via the mover interface (probably via the Builder).
Additional context
This item is just to provide the annotation to the interface. Changes to the behavior of movers will be handled separately.
JohnStrunk changed the title from "Provide a well-known annotation that can be added to the user's Namespace that indicates movers should run there with elevated permissions" to "Support a Namespace annotation indicating elevated privileged are ok for movers" on Aug 11, 2022
JohnStrunk changed the title from "Support a Namespace annotation indicating elevated privileged are ok for movers" to "Support a Namespace annotation indicating elevated privileges are ok for movers" on Aug 11, 2022