
fix(controllers): block IPv6 link-local traffic in default NetworkPolicy #827

Merged: k8s-ci-robot merged 2 commits into kubernetes-sigs:main from chw120:fix-ipv6-linklocal-egress on May 27, 2026

Conversation

chw120 (Contributor) commented May 20, 2026

What this PR does / why we need it:

This PR addresses a security vulnerability (Finding 08) where the default NetworkPolicy for sandboxes blocked IPv4 link-local traffic but inadvertently allowed IPv6 link-local egress (fe80::/10).

Changes included:

  • Modified sandboxtemplate_controller.go to add fe80::/10 to the Except block of the default IPv6 egress policy.
  • Updated examples/policy/network-policy-management/README.md documentation to reflect the inclusion of the IPv6 link-local block.

Release Note

SECURITY: Updated the default sandbox NetworkPolicy to block egress to IPv6 link-local addresses (fe80::/10). This prevents untrusted code from accessing local services and cloud metadata endpoints over IPv6.
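Added example (not the project's controller code): a small Go model of the NetworkPolicy ipBlock/except semantics this PR relies on, evaluated against a constructed approximation of the default egress policy before and after the fix. The allow-all CIDRs, the 169.254.0.0/16 IPv4 link-local exception and the `EgressAllowed` helper are assumptions, since the controller's exact values are not shown on this page.

```go
package main

import (
	"fmt"
	"net/netip"
)

// ipBlock mirrors the NetworkPolicy ipBlock shape: cidr minus the except prefixes.
type ipBlock struct {
	cidr   netip.Prefix
	except []netip.Prefix
}

// EgressAllowed (assumed helper, not the controller's API) reports whether any
// ipBlock permits egress to dst. Unparsable input is denied (fail closed). A zone
// such as fe80::1%eth0 is stripped first: Prefix.Contains never matches a zoned address.
func EgressAllowed(blocks []ipBlock, dst string) bool {
	addr, err := netip.ParseAddr(dst)
	if err != nil {
		return false
	}
	addr = addr.WithZone("")
nextBlock:
	for _, b := range blocks {
		if !b.cidr.Contains(addr) { // also false across address families
			continue
		}
		for _, e := range b.except {
			if e.Contains(addr) {
				continue nextBlock // carved out of this block
			}
		}
		return true
	}
	return false
}

// Constructed approximation of the default policy (assumption; exact CIDRs are not on this page).
var (
	v4     = ipBlock{cidr: netip.MustParsePrefix("0.0.0.0/0"), except: []netip.Prefix{netip.MustParsePrefix("169.254.0.0/16")}}
	Before = []ipBlock{v4, {cidr: netip.MustParsePrefix("::/0")}} // IPv6: no link-local exception
	After  = []ipBlock{v4, {cidr: netip.MustParsePrefix("::/0"), except: []netip.Prefix{netip.MustParsePrefix("fe80::/10")}}} // this PR's fix
)

func main() {
	for _, dst := range []string{"169.254.169.254", "fe80::1%eth0", "2001:db8::1"} {
		fmt.Printf("%-16s before=%v after=%v\n", dst, EgressAllowed(Before, dst), EgressAllowed(After, dst))
	}
}
```

The `Before` policy shows the gap the PR describes: IPv4 link-local is already carved out, but `fe80::1` passes the IPv6 block until `fe80::/10` is added to its except list.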
netlify bot commented May 20, 2026

Deploy Preview for agent-sandbox canceled.

Latest commit: d76545f
Latest deploy log: https://app.netlify.com/projects/agent-sandbox/deploys/6a0e4167961c68000838a68b
@k8s-ci-robot k8s-ci-robot added size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. cncf-cla: yes Indicates the PR's author has signed the CNCF CLA. labels May 20, 2026
@janetkuo janetkuo requested a review from Copilot May 20, 2026 08:00

Copilot AI left a comment

Pull request overview

This PR fixes a security gap in the sandbox “secure-by-default” NetworkPolicy by blocking IPv6 link-local egress (fe80::/10), aligning IPv6 behavior with the existing IPv4 link-local block.

Changes:

  • Add fe80::/10 to the IPv6 ipBlock.except list in the default NetworkPolicy egress rule.
  • Update the network policy management example README to document and demonstrate the IPv6 link-local block.

Reviewed changes

Copilot reviewed 2 out of 2 changed files in this pull request and generated 1 comment.

File: extensions/controllers/sandboxtemplate_controller.go
  Extends the default IPv6 egress Except list to include fe80::/10 (IPv6 link-local).
File: examples/policy/network-policy-management/README.md
  Documents the additional IPv6 link-local block and updates the YAML example accordingly.
@k8s-ci-robot k8s-ci-robot added size/S Denotes a PR that changes 10-29 lines, ignoring generated files. and removed size/XS Denotes a PR that changes 0-9 lines, ignoring generated files. labels May 20, 2026
@chw120 chw120 force-pushed the fix-ipv6-linklocal-egress branch from 9136d25 to d76545f May 20, 2026 23:19

barney-s (Collaborator) commented

please fix the test failures @chw120

chw120 (Contributor, Author) commented May 21, 2026

/retest

chw120 (Contributor, Author) commented May 21, 2026

please fix the test failures @chw120

Done. It's due to #841. @barney-s

chw120 (Contributor, Author) commented May 23, 2026

/priority critical-urgent

@k8s-ci-robot k8s-ci-robot added the priority/critical-urgent Highest priority. Must be actively worked on as someone's top priority right now. label May 23, 2026
aditya-shantanu (Collaborator) commented

/ok-to-test
/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the ok-to-test Indicates a non-member PR verified by an org member that is safe to test. label May 26, 2026
@k8s-ci-robot k8s-ci-robot added the lgtm "Looks good to me", indicates that a PR is ready to be merged. label May 26, 2026
barney-s (Collaborator) commented

/lgtm
/approve

@k8s-ci-robot k8s-ci-robot added the approved Indicates a PR has been approved by an approver from all required OWNERS files. label May 27, 2026
aditya-shantanu (Collaborator) commented

/lgtm
/approve

k8s-ci-robot commented

[APPROVALNOTIFIER] This PR is APPROVED

This pull-request has been approved by: aditya-shantanu, barney-s, chw120


tomergee (Contributor) commented

/lgtm

@k8s-ci-robot k8s-ci-robot merged commit 1f1b3bc into kubernetes-sigs:main May 27, 2026
11 checks passed
@github-project-automation github-project-automation Bot moved this from Backlog to Done in Agent Sandbox May 27, 2026
@chw120 chw120 deleted the fix-ipv6-linklocal-egress branch May 27, 2026 22:12
khirotaka pushed a commit to khirotaka/agent-sandbox that referenced this pull request Jun 12, 2026
…icy (kubernetes-sigs#827)

* fix(controllers): add fe80::/10 to default egress NetworkPolicy exceptions to block IPv6 link-local traffic

* fix copilot comments
alexatakvelon pushed a commit to volatilemolotov/agent-sandbox that referenced this pull request Jun 24, 2026
…icy (kubernetes-sigs#827)

* fix(controllers): add fe80::/10 to default egress NetworkPolicy exceptions to block IPv6 link-local traffic

* fix copilot comments