From YouTube: Kubernetes SIG Security 20210225
A
A
A
All right, we'll get to it then. So docs, docs has, docs has been working on things, but unfortunately nobody is able to come and give us the update on that, but Zavita let us know that we can look for an update in Slack a little bit later. So if anybody, if anybody else who has been involved wants to, wants to add something there.
B
I could briefly, I just, if people haven't seen it, and it's in the doc links for this, there's the brainstorming document for the hardening guide. We've had some fantastic feedback and ideas for that so far, but if anyone else has anything they would like to add, then please do, you know, go in there and have a look and see if there's anything you want to change or, you know, modify or anything like that.
A
Yeah, good caller, great, yeah. Thank you. As far as third-party security audit, this is, this is a bit of a waiting phase with that because the RFP is published. So if you, if you want to help to spread the word about that, either by, you know, telling people about it, retweeting it, whatever.
A
Whatever methods that you have for spreading the word, or if there's particular vendors that you would love to see some, see some RFP response from on that, go ahead and bring it up to their attention, but otherwise it is currently out there and we are hoping to get the responses for it.
A
So not, not a lot to report on that front right now. Eric, I'm so glad to, I'm so glad to see that you could make it also. Your video looks fantastic as always.
F
Yes, that's what an expensive hobby and photography will eventually do for you, is to give you a nice webcam, except that you got to look at me and my unshavenness, hey. So yeah, well, I'm glad to be able to join. I haven't been on since last year, but my schedule has just gone crazy and I, I don't want to be the bottleneck for tooling.
F
A
F
No, I've been completely out of touch since before the holidays. So no.
A
Okay, then, then we'll, we'll leave it there and we'll say, if somebody has a, somebody has a good, strong feeling about tooling, then you will be happy to, to.
G
F
F
A
Next, next thing that's, that we have written down here is about, Patrick, I see you turn your camera on, a couple of, a couple of KEPs that we have accepted stewardship over from, from instrumentation. So those now, one of them is, is merged over into k/enhancements, SIG Security, and the other one is forthcoming, pending some nits that, that need to be addressed before the robot will let it merge.
A
But, you know, this group being owner of those KEPs will essentially mean that if somebody needs to ask about those KEPs, somebody wants to know what's happening with those KEPs, they can come here.
A
They can drop into our Slack and they can ask what's going on, and, you know, we promise to go and find out what's going on if we don't yet know what's going on. So it seems that, it seems that we can provide a natural home for them, and that takes a little bit of worry off of the SIG Instrumentation leads, so happy to do that for them. Patrick, do you have any, do you have anything else that you'd like to add here about those KEPs?
A
I know that, I know that they have, one, at least one of them has been your baby.
C
Yeah, well, I was just gonna say, with the overlap, like, as that falls under the tooling thing, I'm happy to help out there where I can, since that is kind of why I'm here altogether. So yeah, I don't know what falls into, like, some team leadership stuff, but yeah. Otherwise, as soon as I fix up the, what is essentially a merge conflict, that should get merged in. So thanks for, glad to hear everybody's happy to have that live here. So I'm stoked.
A
Then the last thing that I know about is PSP replacement. A lot of us have been putting a lot of, a lot of love and joy and effort into PSP replacement. The, the meeting yesterday, the breakout meeting from SIG Auth, was pretty, was pretty interesting. We had some.
A
We had some good progress towards a, a consensus on goals, and I think that progress has been informed by the, by the existing proposals that we have, and being able to extrapolate what our shared goals are from looking at what we agree and disagree with in the proposals that exist. So happy to, happy to see some good conversation continuing to go on there.
A
If you want to see notes from that, notes from that are over in the SIG Auth meeting notes, recording forthcoming for those who are, who are interested. And yeah, toward the end of that meeting.
A
Toward the end of that meeting, Jordan, Jordan said that he had been thinking about, thinking about this as well, and so hopefully by the next meeting, that'll be two weeks from now, we'll have something concrete to look at there. But it is, it is moving along. It's been good conversations, and definitely come and, come and stop in if you want to, if you want to throw your hat into that ring with us.
E
We're also working on a blog post about PSP deprecation, which is being workshopped and edited and restructured right now. So that is a thing that we are working on and are working on, contributes and contributor comms to put out.
E
There is currently an open PR for one that, I think, is not going to be the one that gets published, but we are working on the one that, well.
A
On a meta note, you see, I just turned it on, because one has to, the, the meeting host has to remember to turn it on at the beginning, but we talked to ContribEx, and with help from ContribEx we have figured out how to turn on the low-quality automatic speech-to-text based subtitles that you can now turn on at the bottom of your Zoom client.
A
If you want to. That's why I was in a bit of a panic before the beginning of the meeting here to get Chrome and Zoom installed on the Windows side of my laptop, because it works on everything but Linux. But it is here, and I, I feel like it is of low quality, yet, yet high value for those of us that have a little bit easier time following along when we can also see something in addition to hearing it. So.
A
Is a good point. Currently, the, currently these, the captions, which appear in a subtitle-like view at the bottom of your Zoom window, are not configured to be saved and uploaded for this meeting, but that's a thing that, that we could talk about if people would be, would be excited about that. I don't know how it would interact with the YouTube uploading. I don't think that there's any, I don't think there's any clever integration there, but there.
E
A
A
Yeah, if you think this is cool, now we've proven that it can be done inside Kubernetes, so shout out to ContribEx for their help with that, and if you like it, then ask the folks who are running your other SIG meetings to turn it on for their meetings too.
A
All right, good call, good call. I, I believe that I'll plus one that. So we have now gotten through the few things that we had here, but we have got a great group assembled here. Does anyone have anything that they want to bring to the.
B
What was possibly one thing: there was an issue that got filed on, on the k/k repo earlier today, just because people didn't see it, about a blind SSRF issue. I didn't see that, yeah. I just thought, because it got pinged on Twitter. Let me put the link in chat, and it's just, it's, it's kind of, when you read it, it's like, yeah, that's kind of by design, that the kubelet makes ready risk requests or readiness probes and therefore can bypass network policy, because it's not the container making them.
B
But it's an interesting one because we got flagged on it. Security got kind of pinged on it, and it's gonna be a tricky one to fix without breaking other stuff. So maybe we could want to be aware.
B
B
Because one thing, actually, it kind of feels like there's, there was another one earlier on this year, where the mitigation for it, where there's no patch, and I think we're going to end up with a situation where there'll be a set of issues where there is no patch and it's going to be things people need to know about. So it's something like docs would be good for, to say: hey, these things are just the way it works.
B
You should know this when you're designing your system, and this, this, this, like, feels like another one of those. So it's like, almost like we're assembling a little list of them.
A
Yeah, yeah, that was, please forgive, my brain is going slowly this morning, if that was the, the issue of being able to put external IPs in service definitions, right?
B
Yeah, the mitigation, but I think, was suggestions like using an admission controller, but again that's something that, a, not everyone has deployed, and b, not everyone knows about. So it doesn't apply in every cluster, but if it does, you kind of need to know, and it's not something Kubernetes is going to help you with out of the box.
E
E
Putting some equivalent of security goose, you know, because there are different parts of our docs that need those, and like, you know, if we aren't doing that right now, that's probably a good thing for doc subgroup to, you know, have on their radar as a thing that we might want to work on, because I think it would just be a useful thing for users in general. I'm, I'm not in the doc subgroup, so I'm not trying to volunteer people, but it, you know, as a SIG.
E
A
Let me go and try and find a link for you, Micah. Let me try and find a link for you for security goose.
E
Just, what I was originally, what I had suggested was, in the northeast United States, they're, the local poison control, and I think Pennsylvania, has those bright green stickers that are called Mr. Yuck that have a face on them.
E
A
That's a good one. I suppose, I suppose I'll drop a note over in security docs Slack channel just to make sure that, that it's brought up to their attention, because, like, I know if Xavita was here, she'd be right on top of that, but unfortunately she couldn't make it today.
A
So any, any other cool issues from the last 24 hours that, that they're bringing up to the group.
G
Hi, hi, my name is Sabolfo. I've been here a couple of times before, mainly lurking. So I'm one of the release managers on SIG Release, and so I just dropped by to, to share with you a little bit of a document that we have, we need your eyes on, for, for, to see your opinions. I dropped a link in the chat. So a little bit of context.
G
About a year ago, we started a project to start publishing the CVE information in every Kubernetes release along the automatic release notes that we publish every time a new official release is done, and along with the patch releases. And we are ready to start publishing all the CVE vulnerabilities found in the patch releases, along with the change, with the changelog, with the Kubernetes changelog. And this is, this is, so this is ready and it's almost about to merge.
G
So we just wanted to, to have some of your eyes on the document of the produced format and information we're including, to see if everything is correct, and it's just a, mostly a documentation thing. But I'd appreciate if you could take a look at it, and if you had any notes or anything, just let us know before we merge it.
G
A
All right, last, last call.
A
Well then, thank you, thank you all so much for, for coming and for bringing up some new fun things to look at in the, in the next week or so. I hope to, hope to see folks again soon, and until then we'll meet each other on Slack. Thanks all, thanks.