Harden security of xk6-agent

Open pablochacin opened this issue 1 year ago • 0 comments

The xk6-agent is installed as an ephemeral container in the target pods. It is then used by the xk6-disruptor for executing commands in the pod for injecting different types of faults. This operating model introduces some security vulnerabilities with potential of exploration.

  • There is no control of who can interact with the agent.
  • The inputs received by the agents are not sanitized.

pablochacin, Jun 09 '23 12:06