Blog Security Research Git-Syncing into Trouble: Exploring Command Injection Flaws in Kubernetes Tomer Peled is a Security Researcher at Akamai. In his daily job, he conducts research ranging from vulnerability research to OS internals. In his free time, he likes to cook, do Krav Maga, and game on his PC. By looking into the git-sync use page, we can see that it supports many possible configuration parameters. \r\n"}}"> Executive summary \r\n Akamai researcher Tomer Peled found a design flaw in Kubernetes’ sidecar project git-sync that allows for potential command injection. He’ll present these findings at DEF CON 2024. \r\n \r\n \r\n \r\n This design flaw can cause either data exfiltration of any file in the pod (including  service account tokens) or command execution with the git_sync user privileges. \r\n \r\n To exploit the flaw, all an attacker needs to do is apply a YAML file on the cluster, which is a low-privilege operation.…