Jordan Liggitt of Atomic OpenShift reports: UPSTREAM: 17886: pod log location must validate container if provided #6113 has security implications, specifically a running pod could make an API call to view the logs of any pod running on the same Node. External references: https://github.com/openshift/origin/pull/6113
Acknowledgements: This issue was discovered by Jordan Liggitt of Red Hat Atomic OpenShift.
This issue has been addressed in the following products: RHEL 7 Version of OpenShift Enterprise 3.0 RHEL 7 Version of OpenShift Enterprise 3.1 Via RHSA-2015:2544 https://access.redhat.com/errata/RHSA-2015:2544
*** Bug 1286289 has been marked as a duplicate of this bug. ***
This issue has been addressed in the following products: Via RHSA-2015:2615 https://rhn.redhat.com/errata/RHSA-2015-2615.html