Switch the default value of `secure-pod-defaults` to be more secure

Open dprotaso opened this issue 2 months ago • 3 comments

This is a continuation of https://github.com/knative/serving/issues/14029

We've introduced an intermediate setting that is secure and allows root images. We didn't switch this to the default in 1.20 but will do this for 1.21 in order to give people enough notice.

dprotaso avatar Oct 09 '25 01:10 dprotaso

cc @nader-ziada @evankanderson

With the 1.21 release we are moving to K8s 1.33 as the min version.

In K8s 1.33 I saw that uid mappings are available now: https://www.cncf.io/blog/2025/07/16/securing-kubernetes-1-33-pods-the-impact-of-user-namespace-isolation/

I wonder if this simplifies root-allowed to be the exact same as enabled - given the container can think it's root but it's not actually root on the host.

dprotaso avatar Oct 21 '25 20:10 dprotaso

I think it's worth asking whether the pod security standards should be updated for 1.33 or later -- the goal of this feature was to allow containers to run in the restricted profile without application developer changes. Unfortunately, the restricted profile doesn't say anything about hostUsers: false at the moment, so that setting doesn't meet the "containers just work when my namespace is annotated" feature.

evankanderson avatar Oct 21 '25 21:10 evankanderson

> I think it's worth asking whether the pod security standards should be updated for 1.33 or later

Good point. Asked here: https://kubernetes.slack.com/archives/C0BP8PW9G/p1761095246021789?thread_ts=1761079761.151219&cid=C0BP8PW9G

> Unfortunately, the restricted profile doesn't say anything about hostUsers: false at the moment, so that setting doesn't meet the "containers just work when my namespace is annotated" feature.

Yeah, another good point. It seems like the restricted profile should be updated.

dprotaso avatar Oct 22 '25 01:10 dprotaso
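The gap discussed above, as an added example that is not part of this issue, of Knative, or of Kubernetes: a small checker for the restricted profile's run-as-non-root controls (`runAsNonRoot`, `runAsUser`) applied to two constructed pod specs. It shows that `hostUsers: false` on its own leaves a root-entrypoint image non-compliant, because the restricted profile never consults that field. Pod contents and image names are constructed for the example.

```python
# Added example: checks only the "running as non-root" controls of the
# Pod Security Standards restricted profile. hostUsers is deliberately not
# consulted, since the profile does not reference it (the point raised in the
# discussion above).

def restricted_non_root_violations(pod_spec: dict) -> list[str]:
    """Return the restricted-profile violations for the non-root controls.

    Rules applied (restricted profile):
      * runAsNonRoot must be true at pod level, or on every container;
        a container may inherit the pod-level value but may not set false.
      * runAsUser, where set at pod or container level, must not be 0.
    """
    violations = []
    pod_sc = pod_spec.get("securityContext", {})
    pod_non_root = pod_sc.get("runAsNonRoot")
    if pod_sc.get("runAsUser") == 0:
        violations.append("pod securityContext.runAsUser is 0")
    containers = pod_spec.get("containers", []) + pod_spec.get("initContainers", [])
    for c in containers:
        sc = c.get("securityContext", {})
        # An unset container value inherits the pod-level setting.
        non_root = sc.get("runAsNonRoot", pod_non_root)
        if non_root is not True:
            violations.append(f"container {c['name']}: runAsNonRoot is not true")
        if sc.get("runAsUser") == 0:
            violations.append(f"container {c['name']}: runAsUser is 0")
    return violations


# Constructed pod specs (not taken from any real workload).
ROOT_IMAGE_WITH_USERNS = {
    # User namespaces (K8s 1.33): UID 0 in the container maps to an
    # unprivileged host UID, yet the restricted profile still rejects this
    # pod because nothing declares runAsNonRoot.
    "hostUsers": False,
    "containers": [{"name": "app", "image": "example.invalid/root-image"}],
}

NON_ROOT_POD = {
    "securityContext": {"runAsNonRoot": True, "runAsUser": 1000},
    "containers": [{"name": "app", "image": "example.invalid/app"}],
}

if __name__ == "__main__":
    for label, spec in [("root image + hostUsers=false", ROOT_IMAGE_WITH_USERNS),
                        ("non-root pod", NON_ROOT_POD)]:
        print(label, "->", restricted_non_root_violations(spec) or "compliant")
```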