https://istio.io/latest/about/contribute/ #IstioCon Design Docs Hongyi Zhang - Link #IstioCon Writing Tests ● Istio.io page content is automatically verified through tests, and you can help by creating Join the Working Group ● Contributing ○ Check out the style guides for documentation ○ Look into writing tests and how they work ○ We are here to help you with your PR! #IstioCon Thank you! @albertsun0

to exceed their trust boundaries including authentication bypass, reading sensitive information, writing files to the underlying file system, exploiting logical errors. The security components have limited cause of the vulnerability is that tgz.Extract() does not sanitise file paths which may lead to writing to arbitrary file paths. A header.Name containing patterns such as .. could traverse the file system

Native ● Large and active community Challenges Challenges ● Doing Service Mesh is complicated ● Writing EnvoyFilters is hard! ● Debugging EnvoyFilters is even harder!! Where It Isn’t a Good Fit? Where

already there Cons: ● You have to maintain a fork of Istio, which makes upgrade painful ● Writing an Envoy Filter for AwesomeRPC is painful Istio Config Envoy Config #IstioCon Manage AwesomeRPC

separate group should be used if files should be accessible to the other users. Recommendation When writing files to disk, the developers should take care to limit access to these files to only users and groups