Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 6 of 6 for authorizers (0.07 sec)

  2. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.5.md 

    * Use authorization to limit users' ability to use specific PodSecurityPolicy objects

**What is the impact?**

A user that is authorized to create pods can make use of any existing PodSecurityPolicy, even ones they are not authorized to use.

**How can I mitigate this prior to installing 1.5.5?**

1. Export existing PodSecurityPolicy objects:
  * `kubectl get podsecuritypolicies -o yaml > psp.yaml`
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu Dec 24 02:28:26 UTC 2020
    - 136.4K bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.32.md 

    - Kube-apiserver: Promoted `AuthorizeWithSelectors` feature to beta, which includes field and label selector information from requests in webhook authorization calls. Promoted `AuthorizeNodeWithSelectors` feature to beta, which changes node authorizer behavior to limit requests from node API clients, so that each Node can only get / list / watch its own Node API object, and can also only get / list / watch Pod API objects bound to that node. Clients using kubelet credentials to read other nodes...
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Tue Oct 29 20:17:52 UTC 2024
    - 121.6K bytes
    - Viewed (0)
  4. github.com/square/okhttp

    okhttp/src/test/java/okhttp3/URLConnectionTest.kt 

        server.enqueue(MockResponse(body = "this response comes via HTTPS"))
    server.enqueue(MockResponse(body = "another response via HTTPS"))

    // install a custom SSL socket factory so the server can be authorized
    client =
      client.newBuilder()
        .sslSocketFactory(
          handshakeCertificates.sslSocketFactory(),
          handshakeCertificates.trustManager,
        )
    Registered: Fri Nov 01 11:42:11 UTC 2024
    - Last Modified: Sat Jan 20 10:30:28 UTC 2024
    - 131.7K bytes
    - Viewed (0)
  5. github.com/minio/minio

    cmd/object-handlers.go 

    					}
				}
				if reader != nil && proxy.Proxy && perr == nil {
					gr = reader
				}
			}
		}
		if reader == nil || !proxy.Proxy {
			// validate if the request indeed was authorized, if it wasn't we need to return "ErrAccessDenied"
			// instead of any namespace related error.
			if s3Error := authorizeRequest(ctx, r, policy.GetObjectAction); s3Error != ErrNone {
    Registered: Sun Nov 03 19:28:11 UTC 2024
    - Last Modified: Sat Oct 05 05:16:15 UTC 2024
    - 117.4K bytes
    - Viewed (0)
  6. github.com/kubernetes/kubernetes

    CHANGELOG/CHANGELOG-1.4.md 

    * Fix working_set calculation in kubelet ([#29153](https://github.com/kubernetes/kubernetes/pull/29153), [@vishh](https://github.com/vishh))
* Fix RBAC authorizer of ServiceAccount ([#29071](https://github.com/kubernetes/kubernetes/pull/29071), [@albatross0](https://github.com/albatross0))
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu Dec 24 02:28:26 UTC 2020
    - 133.5K bytes
    - Viewed (0)
  7. github.com/tiangolo/fastapi

    fastapi/applications.py 

                    """
                The OAuth2 redirect endpoint for the Swagger UI.

                By default it is `/docs/oauth2-redirect`.

                This is only used if you use OAuth2 (with the "Authorize" button)
                with Swagger UI.
                """
            ),
        ] = "/docs/oauth2-redirect",
        swagger_ui_init_oauth: Annotated[
            Optional[Dict[str, Any]],
    Registered: Sun Nov 03 07:19:11 UTC 2024
    - Last Modified: Sat Aug 17 04:52:31 UTC 2024
    - 172.2K bytes
    - Viewed (0)
Back to top