Maxim Patlasov

icon company Red Hat icon location Seattle

Results 4 issues of Maxim Patlasov

Driver can display the secret content of node-expand-secret-name

12 comment

# What happened? An user with permissions to create or modify `StorageClass` may print any `Secret`. The problem comes from a [`klog` print](https://github.com/kubernetes-sigs/gcp-compute-persistent-disk-csi-driver/blob/master/pkg/gce-pd-csi-driver/utils.go#L63-L66) which is not sanitized: ``` // Note...

Clear the secrets from request for klog print in `logGRPC()`

20 comment

Malicious user can put a secret in request as explained here: https://github.com/kubernetes-sigs/gcp-compute-persistent-disk-csi-driver/issues/1372. **What type of PR is this?** /kind bug **What this PR does / why we need it**: Malicious...

kind/bug
cncf-cla: yes
size/M
release-note-none
lifecycle/rotten
ok-to-test

Set `fips_mode_enabled` in `efs-utils.conf`

1 comment

if env var `FIPS_ENABLED` is set: https://github.com/kubernetes-sigs/aws-efs-csi-driver/issues/1325 . **Is this a bug fix or adding new feature?** This is a bug: if the driver is run in FIPS-enabled environment, `stunnel`...

size/S
cncf-cla: yes

fix: Remove excessive recursive variable expansions

7 comment

Modern GNU make (version >= 4.4) has backward-incompatible feature: > * WARNING: Backward-incompatibility! > Previously makefile variables marked as export were not exported to commands > started by the $(shell...

kind/bug
ok-to-test
cncf-cla: yes
release-note-none
size/S