Audit
OPA
Type: Security review
Client: —
Date: 2020-03
Domain: Supply Chain
Effort: 2 wks
Section: Cloud-Native Reviews
Trail of Bits's security review of OPA Gatekeeper (Mar 2020) identified 10 issues: 1 high, 2 low, 6 informational, and 1 undetermined. The single high-severity finding is a fail-open default in the validating webhook; most of the rest are deployment hardening and input-validation gaps.
Findings · 10
- 1 Data races between Gatekeeper controllers Undetermined
- 2 Setting audit interval to a negative value leads to an infinite audit loop Low
- 3 The constraintViolationsLimit can be set to a negative value Informational
- 4 ConstraintTemplate Controller creation doesn't clear client cache Informational
- 5 Default deployment uses insecure failurePolicy for validating webhook High
- 6 Policy validation doesn’t stop on first violation and doesn’t time out, potentially allowing denial of service Informational
- 7 The deployment configuration should explicitly drop Linux capabilities Informational
- 8 The deployment configuration does not use seccomp policies Low
- 9 OPA client and backend are shared across all parts of Gatekeeper Informational
- 10 Unique namespace example uses inefficient data structures Informational
Findings extracted from the published report PDF. See the full report below for details and remediation.
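Findings 2, 3, 5, 7 and 8 are all things a reviewer can catch in the manifests before they reach a cluster: a webhook whose failurePolicy is not Fail admits everything while Gatekeeper is down or erroring; containers that do not drop all capabilities or set a seccomp profile; and negative values for the audit interval or violations limit. The linter below is an added example written for this page, not Gatekeeper's or Trail of Bits's code. It reads the JSON form of the objects (`kubectl get ... -o json`); the flag names --audit-interval and --constraint-violations-limit, the webhook name validation.gatekeeper.sh, and the two manifests are assumptions constructed to mirror the shape of the findings.

```python
"""Lint Gatekeeper manifests for the hardening findings above:
5 (fail-open webhook), 7 (capabilities), 8 (seccomp), 2 and 3 (negative
flag values). Added example, not Gatekeeper's or Trail of Bits's code; it
reads the JSON form of the objects, as printed by `kubectl get ... -o json`."""
import json

SECCOMP_ANNOTATION = "seccomp.security.alpha.kubernetes.io/pod"  # pre-1.19 clusters
# Flag names assumed from Gatekeeper's command line; both take an integer.
RANGE_CHECKED_FLAGS = ("--audit-interval", "--constraint-violations-limit")


def audit_webhook_config(cfg):
    """Finding 5: failurePolicy Ignore admits every request when the webhook
    errors or is unreachable, so an outage silently disables policy. Require
    Fail. When omitted, v1beta1 defaulted to Ignore and v1 defaults to Fail."""
    default = "Fail" if cfg.get("apiVersion", "").endswith("/v1") else "Ignore"
    issues = []
    for wh in cfg.get("webhooks", []):
        policy = wh.get("failurePolicy", default)
        if policy != "Fail":
            issues.append(f"webhook {wh.get('name')}: failurePolicy is {policy}, want Fail")
    return issues


def audit_container_flags(container):
    """Findings 2 and 3: reject a negative audit interval or violations limit
    at review time instead of hitting the runtime misbehaviour they cause."""
    issues = []
    for arg in container.get("args", []):
        for flag in RANGE_CHECKED_FLAGS:
            if not arg.startswith(flag + "="):
                continue
            raw = arg.split("=", 1)[1]
            try:
                value = int(raw)
            except ValueError:
                issues.append(f"{flag}: non-integer value {raw!r}")
                continue
            if value < 0:
                issues.append(f"{flag}: negative value {value}")
    return issues


def audit_deployment(deploy):
    """Findings 7 and 8: every container drops ALL capabilities, and a seccomp
    profile is set at pod or container level (field, or the legacy annotation)."""
    template = deploy["spec"]["template"]
    spec = template["spec"]
    pod_seccomp = (spec.get("securityContext", {}).get("seccompProfile", {}).get("type")
                   or template.get("metadata", {}).get("annotations", {}).get(SECCOMP_ANNOTATION))
    issues = []
    for c in spec.get("containers", []):
        name, sc = c["name"], c.get("securityContext", {})
        drops = {d.upper() for d in sc.get("capabilities", {}).get("drop", [])}
        if "ALL" not in drops:
            issues.append(f"container {name}: capabilities.drop lacks ALL")
        seccomp = sc.get("seccompProfile", {}).get("type") or pod_seccomp
        if not seccomp or seccomp == "Unconfined":
            issues.append(f"container {name}: no seccomp profile")
        issues += [f"container {name}: {i}" for i in audit_container_flags(c)]
    return issues


def audit_manifests(objects):
    """Run every check over a list of parsed Kubernetes objects."""
    issues = []
    for obj in objects:
        if obj.get("kind") == "ValidatingWebhookConfiguration":
            issues += audit_webhook_config(obj)
        elif obj.get("kind") == "Deployment":
            issues += audit_deployment(obj)
    return issues


# Constructed manifests (not the real Gatekeeper ones): the weak shape the
# findings describe, and a hardened counterpart that should pass cleanly.
WEAK = json.loads("""[
 {"apiVersion": "admissionregistration.k8s.io/v1beta1",
  "kind": "ValidatingWebhookConfiguration",
  "webhooks": [{"name": "validation.gatekeeper.sh", "failurePolicy": "Ignore"}]},
 {"apiVersion": "apps/v1", "kind": "Deployment",
  "spec": {"template": {"metadata": {}, "spec": {"containers": [
    {"name": "manager", "args": ["--audit-interval=-1", "--port=8443"],
     "securityContext": {"runAsNonRoot": true}}]}}}}
]""")

HARDENED = json.loads("""[
 {"apiVersion": "admissionregistration.k8s.io/v1",
  "kind": "ValidatingWebhookConfiguration",
  "webhooks": [{"name": "validation.gatekeeper.sh", "failurePolicy": "Fail"}]},
 {"apiVersion": "apps/v1", "kind": "Deployment",
  "spec": {"template": {"metadata": {}, "spec": {
    "securityContext": {"seccompProfile": {"type": "RuntimeDefault"}},
    "containers": [{"name": "manager",
     "args": ["--audit-interval=60", "--constraint-violations-limit=20"],
     "securityContext": {"runAsNonRoot": true, "allowPrivilegeEscalation": false,
                         "capabilities": {"drop": ["ALL"]}}}]}}}}
]""")

if __name__ == "__main__":
    for label, objs in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, audit_manifests(objs) or "OK")
```

Against a live cluster, pass the `items` array of `kubectl get deploy,validatingwebhookconfiguration -A -o json` to audit_manifests. The webhook check deliberately treats an omitted failurePolicy according to the API version, because the same manifest is fail-open under v1beta1 and fail-closed under v1; a review that only greps for "Ignore" misses that case.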
Related
- 2025 Attestations: a new generation of signatures on PyPI Talk
- 2024 The Next 5 Years of Supply Chain Security on PyPI Talk
- 2024 PEP 740 and PyPI: Bootstrapping Provenance for the Python Ecosystem Talk
- 2024 Imagining a zero-trust future for PyPI Talk
- 2024 Build Provenance: Lessons (so far) from Homebrew Talk
- 2023 What does it look like to code-sign for an entire packaging ecosystem? Talk