[frontend] Pod spec, events, and logs are not namespace restricted
Environment
- How did you deploy Kubeflow Pipelines (KFP)? EKS
- KFP version: 2.14
Description
InfoSec issue: Pipelines API is not namespace restricted. This means users can view each other's logs, pod events, and pod specs even if they do not have access.
Affected endpoints:
- /pipeline/k8s/pod
- /pipeline/k8s/pod/events
- /pipeline/k8s/pod/logs
Steps to reproduce
Run a pipeline in a namespace and collect the pod name. Then remove the user's role binding so that they no longer have any access to that namespace. In the scenario below, I removed access to "serving-test-s3" and now the user only has access to "serving-test-mlzone":
Now access the /pipeline/k8s/pod/logs endpoint directly via URL manipulation. The logs can still be viewed.
Same issue for /pipeline/k8s/pod/events and /pipeline/k8s/pod:
Expected result
The API should block access to these endpoints if a user is not a member of the namespace.
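One way to implement the check described under "Expected result", as an added example that is not code from this report or from Kubeflow Pipelines: before serving any of the three endpoints, ask the Kubernetes authorization API (a SubjectAccessReview) whether the caller holds the matching permission in the requested namespace, and deny on any error. The endpoint-to-permission mapping, the function names, the `submitReview` callback and the sample user are assumptions; the caller's identity is assumed to be authenticated already.

```javascript
// Added example: namespace authorization gate for the three affected endpoints.
// Each endpoint maps to the Kubernetes permission it effectively exposes (assumed mapping).
const ENDPOINT_PERMISSIONS = {
  '/pipeline/k8s/pod': { verb: 'get', resource: 'pods' },
  '/pipeline/k8s/pod/events': { verb: 'list', resource: 'events' },
  '/pipeline/k8s/pod/logs': { verb: 'get', resource: 'pods', subresource: 'log' },
};

// Build a SubjectAccessReview (authorization.k8s.io/v1) asking whether `user`
// holds the permission behind `path` in the namespace named in the request.
function buildAccessReview(user, namespace, path, podName) {
  const perm = ENDPOINT_PERMISSIONS[path];
  if (!perm) return null;
  const resourceAttributes = { namespace, ...perm };
  // Events are listed per namespace; pod spec and log reads name the pod.
  if (perm.resource === 'pods') resourceAttributes.name = podName;
  return {
    apiVersion: 'authorization.k8s.io/v1',
    kind: 'SubjectAccessReview',
    spec: { user, resourceAttributes },
  };
}

// Returns the HTTP status the handler should send before it touches the pod.
// `submitReview` (hypothetical) posts the review to the API server and
// resolves to the object it returns. Any error or missing answer denies.
async function authorizePodRequest({ user, namespace, podName, path }, submitReview) {
  if (!user) return 401;
  if (!namespace || !podName) return 400;
  const review = buildAccessReview(user, namespace, path, podName);
  if (!review) return 404;
  try {
    const result = await submitReview(review);
    return result && result.status && result.status.allowed === true ? 200 : 403;
  } catch (err) {
    return 403; // fail closed
  }
}

// Constructed stand-in for the API server, mirroring the report's scenario:
// the user's only remaining role binding is in "serving-test-mlzone".
const CONSTRUCTED_BINDINGS = { 'user@example.com': ['serving-test-mlzone'] };
async function fakeSubmitReview(review) {
  const { user, resourceAttributes } = review.spec;
  const allowed = (CONSTRUCTED_BINDINGS[user] || []).includes(resourceAttributes.namespace);
  return { ...review, status: { allowed } };
}
```

The decision uses the namespace taken from the request itself, so changing the namespace or pod name in the URL changes what is checked rather than bypassing the check.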