- Sort Score
- Result 10 results
- Languages All
Results 1 - 10 of 25 for escalation (0.13 sec)
-
pkg/apis/rbac/v1/evaluation_helpers.go
return true } } return false } // CompactString exposes a compact string representation for use in escalation error messages func CompactString(r rbacv1.PolicyRule) string { formatStringParts := []string{} formatArgs := []interface{}{} if len(r.APIGroups) > 0 { formatStringParts = append(formatStringParts, "APIGroups:%q")
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Jan 18 15:37:57 UTC 2023 - 3.8K bytes - Viewed (0) -
pkg/registry/rbac/role/policybased/storage.go
See the License for the specific language governing permissions and limitations under the License. */ // Package policybased implements a standard storage for Role that prevents privilege escalation. package policybased import ( "context" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime"
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Nov 18 10:11:16 UTC 2022 - 3.9K bytes - Viewed (0) -
CODE_OF_CONDUCT.md
If the behavior is threatening or harassing, or for other reasons requires immediate escalation, please see below.
Registered: Sun Jun 16 05:45:23 UTC 2024 - Last Modified: Fri Feb 05 18:43:16 UTC 2021 - 5.2K bytes - Viewed (0) -
pkg/registry/rbac/clusterrolebinding/policybased/storage.go
See the License for the specific language governing permissions and limitations under the License. */ // Package policybased implements a standard storage for ClusterRoleBinding that prevents privilege escalation. package policybased import ( "context" rbacv1 "k8s.io/api/rbac/v1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime"
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Nov 18 10:11:16 UTC 2022 - 4.9K bytes - Viewed (0) -
pkg/registry/rbac/clusterrole/policybased/storage.go
See the License for the specific language governing permissions and limitations under the License. */ // Package policybased implements a standard storage for ClusterRole that prevents privilege escalation. package policybased import ( "context" "errors" apierrors "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime"
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Nov 18 10:11:16 UTC 2022 - 5.2K bytes - Viewed (0) -
pkg/registry/rbac/rolebinding/policybased/storage.go
See the License for the specific language governing permissions and limitations under the License. */ // Package policybased implements a standard storage for RoleBinding that prevents privilege escalation. package policybased import ( "context" rbacv1 "k8s.io/api/rbac/v1" "k8s.io/apimachinery/pkg/api/errors" metav1 "k8s.io/apimachinery/pkg/apis/meta/v1" "k8s.io/apimachinery/pkg/runtime"
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Fri Nov 18 10:11:16 UTC 2022 - 5.5K bytes - Viewed (0) -
plugin/pkg/auth/authorizer/rbac/bootstrappolicy/policy_test.go
ret.edit = &role case "system:aggregate-to-view": ret.view = &role } } return ret } // viewEscalatingNamespaceResources is the list of rules that would allow privilege escalation attacks based on // ability to view (GET) them var viewEscalatingNamespaceResources = []rbacv1.PolicyRule{ rbacv1helpers.NewRule(bootstrappolicy.Read...).Groups("").Resources("pods/attach").RuleOrDie(),
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Apr 12 15:45:31 UTC 2023 - 9.5K bytes - Viewed (0) -
platforms/core-runtime/base-services/src/main/java/org/gradle/internal/SystemProperties.java
} public String getLineSeparator() { return System.getProperty("line.separator"); } /** * @deprecated Using the temporary directory on UNIX-based systems can lead to local privilege escalation or local sensitive information disclosure vulnerabilities. */ @Deprecated @SuppressWarnings("InlineMeSuggester") public String getJavaIoTmpDir() { return System.getProperty("java.io.tmpdir");
Registered: Wed Jun 12 18:38:38 UTC 2024 - Last Modified: Wed May 29 06:47:40 UTC 2024 - 7.6K bytes - Viewed (0) -
pkg/apis/rbac/helpers.go
} } return users, groups, sas, others } func (r PolicyRule) String() string { return "PolicyRule" + r.CompactString() } // CompactString exposes a compact string representation for use in escalation error messages func (r PolicyRule) CompactString() string { formatStringParts := []string{} formatArgs := []interface{}{} if len(r.APIGroups) > 0 { formatStringParts = append(formatStringParts, "APIGroups:%q")
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Sun Feb 23 15:11:00 UTC 2020 - 12.1K bytes - Viewed (0) -
plugin/pkg/admission/noderestriction/admission.go
} // Don't allow a node to create its Node API object with the config source set. // We scope node access to things listed in the Node.Spec, so allowing this would allow a view escalation. if node.Spec.ConfigSource != nil { return admission.NewForbidden(a, fmt.Errorf("node %q is not allowed to create pods with a non-nil configSource", nodeName)) }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Mar 07 21:22:55 UTC 2024 - 23.6K bytes - Viewed (0)