Cesar Wong of Red Hat reports: Exec operations should be forbidden to privileged pods such as builder pods because they have privileged access to nodes. Currently, you can exec into any builder pod, getting privileged root access to the node it's running on.
Acknowledgements: This issue was discovered by Cesar Wong of the Red Hat OpenShift Enterprise Team.
This issue has been addressed in the following products: RHEL 7 Version of OpenShift Enterprise 3.0 Via RHSA-2015:1650 https://access.redhat.com/errata/RHSA-2015:1650