Closed pmsl closed 8 months ago
Describe the bug
Intruders may use this permission to modify the workload's spec
https://github.com/gocrane/crane/blob/main/deploy/craned/rbac.yaml#L75
apiVersion: rbac.authorization.k8s.io/v1 kind: ClusterRole metadata: name: craned rules: ...... - apiGroups: - apps resources: - daemonsets - deployments - deployments/scale - statefulsets - statefulsets/scale verbs: - get - list - watch - update
Reproduce steps
Expected behavior
Screenshots
Environment (please complete the following information):
Describe the bug
Intruders may use this permission to modify the workload's spec
https://github.com/gocrane/crane/blob/main/deploy/craned/rbac.yaml#L75
Reproduce steps
Expected behavior
Screenshots
Environment (please complete the following information):