Anas EL BARKANI
I support this proposal. Otherwise it's a big security issue, especially in multi-tenant clusters, where ArgoCD is completely unusable because of the privilege escalation vulnerability. https://github.com/argoproj-labs/argocd-operator/issues/154
Hi! Any progress on this proposal? ArgoCD currently needs cluster-wide read permissions to work. That can lead to a privilege escalation in a multi-tenant context. So imho these wide...
I don't think so :/
and for multi-tenant clusters this security issue has a very big impact
Thanks @jmckind. I see here though that there are two types of installations: standard and namespaced. https://github.com/argoproj/argo-cd/tree/master/manifests I think having the two options in the operator would be great (and...
@Numblesix yes, we are considering the same here. For big companies having multi-tenant clusters in production it's a huge concern. So we are considering uninstalling the operator and get back...
@Numblesix thanks for the tip. Did you use this manifest https://github.com/argoproj/argo-cd/blob/master/manifests/namespace-install.yaml ? I don't see any ClusterRole or ClusterRoleBinding there...
Thanks @chrisob! Will try that
It seems there are some improvements in the operator, but the permissions are still too wide: https://github.com/argoproj-labs/argocd-operator/blob/master/deploy/olm-catalog/argocd-operator/0.0.15/argocd-operator.v0.0.15.clusterserviceversion.yaml#L574 Is it really necessary to have all the permissions on all the...
> In that case, maybe we could even remove the `clusterPermissions` ? Of course, that makes me wonder how argocd would watch cluster-scoped resources.

Yes I agree: clusterPermissions should be...