tekton cluster resolver lets anyone access any task in any namespace by default
Expected Behavior
Don't let someone who does not have access to the task be able to access it
Actual Behavior
Anyone can access any task as long as they know its name.
Steps to Reproduce the Problem
- User-a has a git-clone task with, for example, a reference to a password in clear text in that task (bad security practice, but one can assume people may feel safe doing this in their own namespace)
- User-b creates a TaskRun with a reference to User-a's namespace and git-clone:

```yaml
apiVersion: tekton.dev/v1beta1
kind: TaskRun
metadata:
  name: remote-task-reference
spec:
  taskRef:
    resolver: cluster
    params:
      - name: kind
        value: task
      - name: name
        value: git-clone
      - name: namespace
        value: user-a
```

- User-b is able to read the task from user-a and its content
Additional Info
- Kubernetes version: v0.52.1
This assumes user-b knows the task name of user-a, but security which mitigates this by obscurity doesn't scale very far :)
Maybe have this restricted to no namespace by default and only explicitly allow namespaces via configuration by default?
I agree with @chmouel, I think we should make the default configuration for the cluster task to be as secure as possible by default, aka "restricted to no namespace by default and only explicitly allow namespaces via configuration".
/cc @tektoncd/core-maintainers
Added a setting to mitigate this in this PR https://github.com/tektoncd/pipeline/pull/7237. I think we may want to make * the default...
I think I'll submit a new PR setting the new blocked-namespaces=* from https://github.com/tektoncd/pipeline/pull/7237 by default and will see how it goes
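As an added illustration (not Tekton's code and not from the thread), the following models the namespace policy discussed above and evaluates the TaskRun from the issue against the reported default (no restriction), the proposed `blocked-namespaces=*` default, and an explicit opt-in. It assumes the cluster resolver's ConfigMap keys are `allowed-namespaces` and `blocked-namespaces` (comma-separated, `*` meaning all), that an explicit allow entry wins over a block, and that the TaskRun lives in namespace `user-b`; the real resolver's precedence rules may differ.

```python
# Added example, not Tekton's code: the cluster-resolver namespace policy discussed
# in this issue, applied to the reported TaskRun. Assumed config keys:
# allowed-namespaces / blocked-namespaces (comma-separated; "*" = all namespaces).

# Constructed: the TaskRun from the issue as a dict rather than YAML.
TASKRUN = {
    "apiVersion": "tekton.dev/v1beta1",
    "kind": "TaskRun",
    "metadata": {"name": "remote-task-reference", "namespace": "user-b"},
    "spec": {"taskRef": {"resolver": "cluster", "params": [
        {"name": "kind", "value": "task"},
        {"name": "name", "value": "git-clone"},
        {"name": "namespace", "value": "user-a"},
    ]}},
}

def _csv(value: str) -> set:
    """Split a comma-separated ConfigMap value into a set of names."""
    return {s.strip() for s in value.split(",") if s.strip()}

def cluster_ref(taskrun: dict) -> dict:
    """Cluster-resolver params as name -> value; {} if another resolver is used."""
    ref = taskrun.get("spec", {}).get("taskRef", {})
    if ref.get("resolver") != "cluster":
        return {}
    return {p["name"]: p["value"] for p in ref.get("params", [])}

def namespace_permitted(target: str, allowed: str = "", blocked: str = "") -> bool:
    """Assumed policy: a non-empty allow-list admits only its entries; a blocked
    entry or "*" denies anything not explicitly allowed; both empty means no
    restriction, which is the default behaviour the issue reports."""
    allow, block = _csv(allowed), _csv(blocked)
    if target in allow or "*" in allow:
        return True
    if allow or "*" in block:
        return False
    return target not in block

def evaluate(taskrun: dict, allowed: str = "", blocked: str = "") -> str:
    """Return 'allowed', 'blocked' or 'not-cluster' for one TaskRun."""
    params = cluster_ref(taskrun)
    if not params:
        return "not-cluster"
    ns = params.get("namespace") or taskrun["metadata"]["namespace"]  # assumed fallback
    return "allowed" if namespace_permitted(ns, allowed, blocked) else "blocked"

if __name__ == "__main__":
    print(evaluate(TASKRUN))                                 # allowed: reported behaviour
    print(evaluate(TASKRUN, blocked="*"))                    # blocked: proposed default
    print(evaluate(TASKRUN, allowed="user-a", blocked="*"))  # allowed: explicit opt-in
```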