eraser icon indicating copy to clipboard operation
eraser copied to clipboard

Published 20 hours ago • verified publisher icon eraser-dev

[BUG] Unnecessary permissions

Open Yseona opened this issue 8 months ago • 1 comments

Version of Eraser

1.3.1

Expected Behavior

The Deployment eraser-controller-manager in the charts has delete verb of the pods resource (eraser-manager-role-clusterrole.yaml). However, after reading the source code of eraser, I didn't find any Kubernetes API usages that require this permission.Therefore, for security reasons, I suggest checking this permission to determine if it is truly unnecessary. If it is, the issue should be fixed by removing the unnecessary permission or other feasible methods.

Actual Behavior

No response

Steps To Reproduce

Use helm chart with default values.

Are you willing to submit PRs to contribute to this bug fix?

  • [ ] Yes, I am willing to implement it.

Yseona avatar May 29 '24 18:05 Yseona