Is your feature request related to a problem? Please describe.
Given that Pixie's scratchpad and script edit capability allows all the users to run arbitrary eBPF code, it can be considered as a security vulnerability, especially in multi-tenant clusters.
Describe the solution you'd like
An ideal solution would be an RBAC mechanism where, by default, users' access is restricted to only running existing scripts. They are given scratchpad/edit access only when the Admin(s) have enabled it for them through RBAC.
Describe alternatives you've considered
An alternative that mitigates the surfaces (but not completely) is to use Pixie on-demand. That is, we deploy Pixie on a single node, and only add nodes to the set of instrumented nodes if we want to profile the Pods/services scheduled on those nodes. The nodes get removed once the profiling task is done.
Additional context
N/A