GO-2024-2535: Rancher permissions on 'namespaces' in any API group grants 'edit' permissions on namespaces in 'core' in github.com/rancher/rancher
GO-2024-2537: Rancher 'Audit Log' leaks sensitive information in github.com/rancher/rancher
GO-2024-2760: Rancher's Failure to delete orphaned role bindings does not revoke project level access from group based authentication in github.com/rancher/rancher
GO-2024-2761: Rancher Login Parameter Can Be Edited in github.com/rancher/rancher
GO-2024-2762: Rancher code injection via fluentd config commands in github.com/rancher/rancher
GO-2024-2764: Rancher Project Members Have Continued Access to Namespaces After Being Removed From Them in github.com/rancher/rancher
GO-2024-2768: Rancher does not properly specify ApiGroup when creating Kubernetes RBAC resources in github.com/rancher/rancher
GO-2024-2771: Rancher's Steve API Component Improper authorization check allows privilege escalation in github.com/rancher/rancher
GO-2024-2778: Rancher Privilege escalation vulnerability via malicious "Connection" header in github.com/rancher/rancher
GO-2024-2784: Rancher Recreates Default User With Known Password Despite Deletion in github.com/rancher/rancher
GO-2024-2784: Rancher Recreates Default User With Known Password Despite Deletion in github.com/rancher/rancher
GO-2024-2784: Rancher Recreates Default User With Known Password Despite Deletion in github.com/rancher/rancher
GO-2024-2929: Rancher's External RoleTemplates can lead to privilege escalation in github.com/rancher/rancher
GO-2024-2931: Rancher does not automatically clean up a user deleted or disabled from the configured Authentication Provider in github.com/rancher/rancher
GO-2024-2932: Rancher's RKE1 Encryption Config kept in plain-text within cluster AppliedSpec in github.com/rancher/rancher
Documentation
¶
-
func AuthenticateUser(input interface{}, providerName string) (v3.Principal, []v3.Principal, string, error)
-
func Configure(ctx context.Context, mgmt *config.ScaledContext)
-
func GetPrincipal(principalID string, myToken v3.Token) (v3.Principal, error)
-
func GetProvider(providerName string) (common.AuthProvider, error)
-
func GetProviderByType(configType string) common.AuthProvider
-
func SearchPrincipals(name, principalType string, myToken v3.Token) ([]v3.Principal, error)
-
func SetupAuthConfig(ctx context.Context, management *config.ScaledContext, schemas *types.Schemas)
Source Files
¶
Directories
¶
Click to show internal directories.
Click to hide internal directories.