Rory McCune
Rory McCune
So at the moment the scraping is peculiar to sched based conferences (and frankly more than a bit hacky!). It's possible (but annoying) to manually add talks...
FWIW if you're looking for things to fix out of this list, as default settings, I'd thoroughly recommend looking at these two on the kubelet. ``` [FAIL] 2.1.2 Ensure that...
I did a default kops install today and a couple of other ones you might want to look at changing `--insecure-bind-address` and `--insecure-port` . Even just on localhost the insecure...
@llcranmer from a security point of view the current correct configuration I believe is to configure `--insecure-port=0` explicitly, and don't configure `--insecure-bind-address` to stop it listening (without that the default...
FWIW, I was looking around for this today and saw https://github.com/kubernetes/kubernetes/issues/43784 . So it sounds like the reason it's not disabled in kops is so that `anonymous-auth` can be set...
FWIW I just got what appears to be the same issue (and fixed by the `modprobe br_netfilter` command) on a fully patched Ubuntu 24.04 host (kernel version 6.8.0-84-generic) running Docker...
For what it's worth, technically once a CVE is published, you should be ok to publish a proof of concept as major vendors should have had early notification to provide...
Hey all, I was just reading this and one thing I wanted to check. From the KEP RBAC is being used to restrict access to the endpoints for all components....