ashwin shankarananda:
Are are any security risks I shud consider before enabling user for kubectl exec or cp?
Mohamed Ayman:
In some cases , malicious code in containers could write any file to any path on the node where it was copied from using malicious tar binary in downloaded container then a havker could replace or create files on user’s machine even if the location was outside of the destination directory of the kubectl cp operation
You can read more of the risk on this article