User Request
Type: bug
Target: Console Application
Submitted by: @mrhapile
Console Request ID: d7cd1a6b-a4de-4949-802a-9988f3b42c14
Description
Category: Security/Authz.
Severity: Critical.
Location: pkg/api/handlers/self_upgrade.go#L205.
Description: The rollout endpoint relies only on the in-cluster service account’s patch permission.
Steps: Log in as a non-admin while running in-cluster with self-upgrade RBAC enabled; POST /api/self-upgrade/trigger.
Expected: Only console admins should be able to patch the console Deployment.
Actual: Any authenticated user can roll the console to a new image tag.
Root Cause: No user-level authorization check exists in TriggerUpgrade.
Suggested Fix: Require admin role before even checking cluster RBAC.
This issue was automatically created from the KubeStellar Console.
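As an added illustration, not code from the KubeStellar Console or from this report, here is a minimal Go model of the reported handler beside the fix the report suggests; User, Deployer, fakeDeployer, RoleAdmin and the two trigger functions are assumed stand-ins for the real handler and its Kubernetes client.

```go
package main

import (
	"errors"
	"net/http"
)

// RoleAdmin is the assumed name of the console admin role (not from the report).
const RoleAdmin = "admin"
// ErrForbidden is returned when the caller lacks the console admin role.
var ErrForbidden = errors.New("forbidden: console admin role required")
// User is a hypothetical view of the authenticated console caller.
type User struct{ Roles []string }

// HasRole reports whether the user carries the named role.
func (u User) HasRole(role string) bool {
	for _, r := range u.Roles {
		if r == role {
			return true
		}
	}
	return false
}

// Deployer stands in for the in-cluster client whose service account holds the
// patch permission on the console Deployment; fakeDeployer records each patch.
type Deployer interface{ PatchConsoleImage(tag string) error }
type fakeDeployer struct{ patched []string }

func (f *fakeDeployer) PatchConsoleImage(tag string) error {
	f.patched = append(f.patched, tag) // service account RBAC allows the patch
	return nil
}

// triggerUpgradeVulnerable mirrors the defect: the caller's identity is never checked.
func triggerUpgradeVulnerable(_ User, d Deployer, tag string) (int, error) {
	if err := d.PatchConsoleImage(tag); err != nil {
		return http.StatusForbidden, err
	}
	return http.StatusAccepted, nil
}

// triggerUpgradeFixed applies the suggested fix: admin check before any cluster RBAC or patch.
func triggerUpgradeFixed(u User, d Deployer, tag string) (int, error) {
	if !u.HasRole(RoleAdmin) {
		return http.StatusForbidden, ErrForbidden
	}
	return triggerUpgradeVulnerable(u, d, tag)
}
```

The fixed handler rejects a non-admin before the service account's patch permission is ever exercised, which is the ordering the suggested fix calls for.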