Uploaded image for project: 'Openshift sandboxed containers'
  1. Openshift sandboxed containers
  2. KATA-3269

disable unsafe cloud-init modules for CoCo

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Done
    • Icon: Medium Medium
    • OSC 1.7.0
    • None
    • None
    • None
    • BU Product Work
    • 3
    • False
    • None
    • False
    • KATA-2798 - Ensuring no plaintext data is leaked to the host via network when using CoCo
    • Kata Sprint #257, Kata Sprint #259
    • 0
    • 0.000

      Some cloud-init modules may allow to a malicious cloud-provider an easy access to the trusted environment, like the ssh module and the script and files injection modules.

      If possible, we should disable the unsafe modules for the CoCo case.

            Unassigned Unassigned
            ssheribe@redhat.com Snir sheriber
            Votes:
            0 Vote for this issue
            Watchers:
            5 Start watching this issue

              Created:
              Updated:
              Resolved: