Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

If it can run kubectl it can run any other command too. Unless you're running it as a different user and have put a bit of thought into limiting what that user can do, that's likely too much leeway.

That's only really relevant I'd you're leaving it unattended though.



You can control it with hooks. Most people I know run in yolo mode in a docker container.


What about being in a docker container lets you `kubectl get pod` but prevents you from `kubectl delete deployment`?


this is more about the service account than the runtime environment i think. you put your admin service account in docker the agent can still wreak havoc. Docker lets you hide the admin service account on your host FS from the agent.


Keeping the powerful credentials where the agent can't reach them does buy you a bit of safety. But I still think its a bit loose when compared with exposing an API to the model which can only do what you intend for that model to do.


sure fair enough. I guess i'm mostly being pragmatic here.

Plus i'm not convinced that generating "kubectl"...json..."get"...json..."pod"... is easier for most models than "bash"...json..."kubectl get pod"...


Yes... a docker container...




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: