David Cowden

@darix perhaps you were introduced to the `DynamicUser` concept prior to the more recent additions to make persistent data possible? You might find http://0pointer.net/blog/dynamic-users-with-systemd.html an interesting read, specifically the section...

~~@technosophos I'm unable to see the security advisory you linked. Is that intentional?~~ GH was having issues last night.

Copying my impression from #8436 >Keep in mind that Helm is not supposed to contact the Kubernetes API Server during a `helm template` or a `helm install|update|delete|rollback --dry-run`, so the...

>Lookup is intentionally disabled for security reasons. There is no plan to change this behavior. @technosophos I reviewed the security advisory. My take is that the documentation of helm's behavior...

@technosophos what about `--dry-run`? I think people are okay with the neutered `template` command so long as they can use `--dry-run --debug` on `install/upgrade`. In any event, an explanation of...

@bacongobbler this was [discussed earlier in the thread](https://github.com/helm/helm/issues/8137#issuecomment-657695170). And @astropuffin adds: > I fail to understand even a theoretical attack vector for this. If an attacker has access to the...

I came across another interesting side effect earlier this week: we've been exploring https://tilt.dev/ which is a tool that augments traditional Kubernetes deployments to provide an optimized developer experience. It...

That aligns with my understanding. I'd already suggested the user use the direct link in the PR https://github.com/smallstep/certificates/pull/251#issuecomment-625612438 and according to their following comment they did not have success. I'll...

@0xced is this something you'd still submit if bumped or have you moved on to other things?

Any update?