From 0bc865c242a9b4fd0f155d098bb8c38693053033 Mon Sep 17 00:00:00 2001 From: Rey Lejano Date: Thu, 3 Jun 2021 08:33:02 -0700 Subject: update RFP with additional questions --- sig-security/security-audit-2021/RFP.md | 33 +++++++++++++++++++++++++++++++++ 1 file changed, 33 insertions(+) diff --git a/sig-security/security-audit-2021/RFP.md b/sig-security/security-audit-2021/RFP.md index bed8b512..80ce26a7 100644 --- a/sig-security/security-audit-2021/RFP.md +++ b/sig-security/security-audit-2021/RFP.md 
@@ -136,3 +136,36 @@ Separately, any code released with or as part of the report needs to be under th ### Must I use the report format from the previous audit? Can the SIG provide a report format template I can use? Vendors who wish to use either the previous report format, as allowed by CC BY 4.0, or a report format provided by the community may do so as long as it is also available under CC BY 4.0. Vendors who wish to publish 2 versions of the report, one tailored for the community under CC BY 4.0 and one that they host on their own site using their proprietary fonts, formats, branding, or other copyrights, under their own license may do so, in order to differentiate their commercial report format from this report. Vendors may also publish a synopsis and marketing materials regarding the report on their website as long as it links to the original report in this repository. In the community report, vendors can place links in the report to materials hosted on their commercial site. This does not imply that linked materials are themselves CC BY 4.0. + +### Do you have any developer documentation or design documentation specifications that aren't available on the internet that you would be able to share? + +Kubernetes is an open source project, all documentation is available on https://kubernetes.io or on https://github.com/kubernetes. + +### What are the most important publicly available pages detailing the design of the system and the data it receives. 
+ +- Overview of [Kubernetes components](https://kubernetes.io/docs/concepts/overview/components/) +- [kube-apiserver overview](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-apiserver/) +- [kube-scheduler overview](https://kubernetes.io/docs/concepts/scheduling-eviction/kube-scheduler/) +- [Operating etcd clusters for Kubernetes](https://kubernetes.io/docs/tasks/administer-cluster/configure-upgrade-etcd/) +- [etcd clustering guide](https://etcd.io/docs/next/op-guide/clustering/) +- [kube-controller-manager overview](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-controller-manager/) +- [cloud-controller-manager overview](https://kubernetes.io/docs/concepts/architecture/cloud-controller/) +- [cloud-controller-manager administration](https://kubernetes.io/docs/tasks/administer-cluster/running-cloud-controller/) +- [kubelet overview](https://kubernetes.io/docs/reference/command-line-tools-reference/kubelet/) +- [kube-proxy overview](https://kubernetes.io/docs/reference/command-line-tools-reference/kube-proxy/) +- [secrets-store-csi-driver](https://github.com/kubernetes-sigs/secrets-store-csi-driver) + +### How long does the Working Group envision the engagement lasting and what is the latest date you can receive the deliverables? + +The latest date to receive deliverables will be negotiated with the selected vendor. + +### Which attack vectors are of most concern to the Working Group. + +1. The attack vector most concerned about is unauthenticated access to a cluster resulting in compromise of the [components in-scope](#project_goals_and_scope) +2. Crossing cluster boundaries for multi-cluster configuration +3. Crossing namespaces +4. Any attack vector that exists against the components in scope + +### Is there flexibility to wait for staff to be available to work on the audit? + +Yes, the timeline for the audit is flexible and the timeline will be further discussed and negotiated with the selected vendor. 
\ No newline at end of file -- cgit v1.2.3 From 7acd3af1aa175fe1f28f57f9791cdb281d3e19be Mon Sep 17 00:00:00 2001 From: Rey Lejano Date: Thu, 3 Jun 2021 23:21:26 -0700 Subject: updated with suggested changes from tabbysable --- sig-security/security-audit-2021/RFP.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/sig-security/security-audit-2021/RFP.md b/sig-security/security-audit-2021/RFP.md index 80ce26a7..d0ea8cb7 100644 --- a/sig-security/security-audit-2021/RFP.md +++ b/sig-security/security-audit-2021/RFP.md @@ -163,8 +163,8 @@ The latest date to receive deliverables will be negotiated with the selected ven 1. The attack vector most concerned about is unauthenticated access to a cluster resulting in compromise of the [components in-scope](#project_goals_and_scope) 2. Crossing cluster boundaries for multi-cluster configuration -3. Crossing namespaces -4. Any attack vector that exists against the components in scope +3. Crossing namespace boundaries, an authenticated attacker being able to affect resources their credentials do not directly allow +4. Any other attack vector that exists against the components in scope ### Is there flexibility to wait for staff to be available to work on the audit? -- cgit v1.2.3 From 90737e76d2a5a4a0aeee9e3175a775fe9a15b502 Mon Sep 17 00:00:00 2001 From: Rey Lejano Date: Fri, 4 Jun 2021 14:04:21 -0700 Subject: update answer to attack vector question --- sig-security/security-audit-2021/RFP.md | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) diff --git a/sig-security/security-audit-2021/RFP.md b/sig-security/security-audit-2021/RFP.md index d0ea8cb7..e754248c 100644 --- a/sig-security/security-audit-2021/RFP.md +++ b/sig-security/security-audit-2021/RFP.md 
@@ -162,9 +162,8 @@ The latest date to receive deliverables will be negotiated with the selected ven ### Which attack vectors are of most concern to the Working Group. 1. The attack vector most concerned about is unauthenticated access to a cluster resulting in compromise of the [components in-scope](#project_goals_and_scope) -2. Crossing cluster boundaries for multi-cluster configuration -3. Crossing namespace boundaries, an authenticated attacker being able to affect resources their credentials do not directly allow -4. Any other attack vector that exists against the components in scope +2. Crossing namespace boundaries, an authenticated attacker being able to affect resources their credentials do not directly allow +3. Any other attack vector that exists against the components in scope ### Is there flexibility to wait for staff to be available to work on the audit? -- cgit v1.2.3
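Review bot: in commit 0bc865c (hunk `@@ -136,3 +136,36 @@`), the in-page link `[components in-scope](#project_goals_and_scope)` in the new attack-vector list uses underscores in the fragment, but GitHub builds heading anchors by lowercasing the heading text and replacing spaces with hyphens, so a heading such as "Project Goals and Scope" renders as `#project-goals-and-scope` and this link will only resolve if the heading is literally written with underscores; check the rendered RFP and adjust the fragment to match. Two smaller points in the same hunk: the new headings "What are the most important publicly available pages ..." and "Which attack vectors are of most concern ..." are questions and should end with a question mark like the neighbouring FAQ heading "Must I use the report format from the previous audit?", and "Kubernetes is an open source project, all documentation is available on ..." is a comma splice (a semicolon, or "so all documentation", fixes it). The hunk also ends with "\ No newline at end of file"; adding the trailing newline keeps the next edit's diff clean.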
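Review bot: in commit 7acd3af (hunk `@@ -163,8 +163,8 @@`), the reworded item 3, "Crossing namespace boundaries, an authenticated attacker being able to affect resources their credentials do not directly allow", joins the vector and its explanation with a bare comma and reads as a run-on; a colon or "i.e." after "boundaries" makes clear that the second clause defines the first. Since the list is being edited anyway, the unchanged context line "The attack vector most concerned about is unauthenticated access ..." would read better as "The attack vector of most concern is unauthenticated access ...". The substance of the rewording is an improvement: it states that this vector assumes valid credentials, which cleanly separates it from the unauthenticated case in item 1.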
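Review bot: in commit 90737e7 (hunk `@@ -162,9 +162,8 @@`), removing item 2, "Crossing cluster boundaries for multi-cluster configuration", narrows the stated concerns one day after the item was added, and neither the commit message ("update answer to attack vector question") nor the RFP text gives a reason; a one-line rationale in the commit message (for instance, that multi-cluster configuration is outside the components in scope) would let vendors reading the history tell whether multi-cluster scenarios are out of scope or simply not prioritised. The renumbering of the remaining items is consistent with the removal, and the unchanged context heading "Which attack vectors are of most concern to the Working Group." still ends with a period rather than a question mark.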