Skip to content

The apiserver read-only API leaks bearer tokens #7963

New issue
Jump to bottom
New issue
Jump to bottom
Closed
#8155
Closed
The apiserver read-only API leaks bearer tokens#7963
#8155
Labels
area/securitypriority/backlogHigher priority than priority/awaiting-more-evidence.
Milestone
 
v1.0
@stephenR

Description

@stephenR
stephenR
opened on May 8, 2015

From a minion:
curl http://kubernetes-master:7080/api/v1beta3/secrets
will return the bearer tokens for all service accounts.

I'm not sure if this is already taken care of as part of #5921.

Metadata

Assignees

No one assigned

    Labels

    area/securitypriority/backlogHigher priority than priority/awaiting-more-evidence.

    Type

    No type

    Projects

    No projects

    Milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions