Soluto/kamus

Decryption doesn't fail when done from an unauthorized service account

vivekpd15 opened this issue · 2 comments

Describe the bug
A clear and concise description of what the bug is.

Versions used
Kamus (API images): 0.6.7.0
Kamus CLI: 0.3.0
Chart version: 0.4.8
KMS provider: AWS KMS
Kubernetes flavour and version: KOPS 1.15.12

To Reproduce
Steps to reproduce the behavior:

  1. Encrypt a key with kamus secret with namespace A and service account B
  2. Decrypt the key using namespace C and service account D

Expected behavior
Decryption should have failed. It successfully decrypted the key.

Closing the issue as this is a security issue and should be reported according to our security policy. Please do not use GitHub issues for security reporting.

Fixed with a864a31