I think the HTTP proxy based architecture is just weird and inherently insecure.... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		fulafel on Aug 9, 2019 \| parent \| context \| favorite \| on: Kubernetes Security Assessment [pdf] I think the HTTP proxy based architecture is just weird and inherently insecure. Everything would be much simpler and and easier to analyze in a normal end-to-end scenario.

gtirloni on Aug 10, 2019 [–]

I think that's because of the WebSockets support in kubectl so you can tunnel things, but it's been a long time since I read about it.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact