Replies: 1 comment
-
|
I find this k3s-io/k3s#2645. I think this is a serious design issue. If this is not resolved in a better way, it is hard to claim rke2 is a security hardening k8s distribution. @brandond Will rancher take this into rke2 roadmap? |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
Sorry to bother everyone, it might be silly question, but I'm just not possible to figure out: When joining the cluster, we use a token. This seem to be a very sensitive information. If a bad guy have the token, he can join the cluster as a server node, hence get hold of the entire cluster. Do I get this right? if this is the case, how should it be protected. Right now it is plaintext in disk, or even in cmdline args. Is it risky?
Beta Was this translation helpful? Give feedback.
All reactions