github
/
k3s
mirror of https://github.com/k3s-io/k3s
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
69,854 Commits
31 Branches
881 Tags
634 MiB
Commit Graph

5 Commits (61117761cd4a1b2e6ad9ff2d7eb915f3d2739dc6)

Author SHA1 Message Date
Jordan Liggitt 3fafdb7001
Detect backsteps correctly in base path detection 
Avoid false positives with atomic writer ..<timestamp> directories
 2018-03-13 02:23:06 -04:00
Jan Safranek 5110db5087 Lock subPath volumes 
Users must not be allowed to step outside the volume with subPath.
Therefore the final subPath directory must be "locked" somehow
and checked if it's inside volume.

On Windows, we lock the directories. On Linux, we bind-mount the final
subPath into /var/lib/kubelet/pods/<uid>/volume-subpaths/<container name>/<subPathName>,
it can't be changed to symlink user once it's bind-mounted.
 2018-03-05 09:14:44 +01:00
carlory 7831085e13 func parseEndpointWithFallbackProtocol should check if protocol of endpoint is empty. 2017-06-06 17:28:15 +08:00
Dong Liu fb26c9100a Support TCP type runtime endpoint for kubelet. 2017-05-25 09:16:11 +08:00
Wojciech Tyczynski 220cfdff91 Optimize secret manager to refresh secrets from apiserver cache 2017-01-26 20:54:45 +01:00