mirror of
https://github.com/optim-enterprises-bv/kubernetes.git
synced 2025-11-07 13:54:19 +00:00
96306f144a
This change fixes a race condition that was caused by setting the file owner, group and mode non-atomically, after the updated files had been published. Users who were running non-root containers, without GID 0 permissions, and had removed read permissions from other users by setting defaultMode: 0440 or similar, were getting intermittent permission denied errors when accessing files on secret or configmap volumes or service account tokens on projected volumes during update.