Skip to content

future-of-kubectl-cp #2381

Closed
Closed
@ghost

Description

Enhancement Description

  • One-line enhancement description (can be used as a release note): future-of-kubectl-cp

  • Kubernetes Enhancement Proposal:

This document summarizes and originates from this email thread, 
[Proposal to drop kubectl cp](https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!msg/kubernetes-sig-cli/_zUy67lK49k/aE6vncYiAgAJ).   

This document aims to solidify the future of `kubectl cp` as a tool that provides basic function of copying files between local environments and pods.  Any advanced use cases
such as those involving symlinks or modifying file permissions should be performed outside of `kubectl cp` through `kubectl exec`, addons, or shell commands.    

Over the past few releases, there have been numerous security issues with `kubectl cp` that have resulted in release updates in all supported versions of kubectl.
At the same time,any new PR that extends `kubectl cp` must undergo extra reviews to evaluate security threats that may arise [1][2].  Over the past few months,
security fixes have required dropping edge cases and function of the command.  It is increasingly difficult to maintain a cp command that is both
useful and secure.  There are alternative approaches that provide the same function as `kubectl cp` [3].  Using `kubectl exec ...| tar`
provides transparency when copying files as well as mitigations for path traversals, symlink directory escapes, tar bombs, and other exploits.
Use of tar is more featureful, in that it can preserve file permissions and copy pod-to-pod.  Also, `kubectl cp` is dependent on the tar binary
in a container.  A malicious tar binary is outside of what `kubectl cp` can control.    

With all of this in mind the cost and risk of maintaining the cp command should be weighed against what is considered crucial functionality in kubectl. 
It's better to address 80% of use cases with a simple tool than trying to address the remaining 20% at the cost of risking those 80%.     

[1] https://github.com/kubernetes/kubernetes/pull/78622   
[2] https://github.com/kubernetes/kubernetes/pull/73053   
[3] https://gist.github.com/tallclair/9217e2694b5fdf27b55d6bd1fda01b53   

  • Discussion Link:
  • Primary contact (assignee): @sallyom
  • Responsible SIGs: sig-cli
  • Enhancement target (which target equals to which milestone):
    • Alpha release target (x.y):
    • Beta release target (x.y):
    • Stable release target (x.y):
  • Alpha
    • KEP (k/enhancements) update PR(s):
    • Code (k/k) update PR(s):
    • Docs (k/website) update PR(s):

Please keep this description up to date. This will help the Enhancement Team to track the evolution of the enhancement efficiently.

Metadata

Metadata

Assignees

Labels

sig/cliCategorizes an issue or PR as relevant to SIG CLI.

Type

No type

Projects

No projects

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions