🤖 AI Dev Tools

Kubernetes 1.35 Finally Tames Wild Kubeconfig Executables with Exec Plugin AllowList

Picture this: your kubeconfig quietly firing off a shady script on your machine. Kubernetes 1.35 slams the door with an exec plugin allowlist, handing you god-mode control over credential plugins.

Elena Vasquez 📅 Apr 03, 2026 ⏱️ 3 min read 👁️ 0 views

Illustration of a locked Kubernetes kubeconfig blocking rogue executables

⚡ Key Takeaways

Kubernetes 1.35 adds exec plugin allowList to kubeconfig, blocking rogue executables by default.
Set policy to DenyAll first to audit plugins, then whitelist trusted ones by path or name.
Future: checksums and signatures will make this unbreakable against supply-chain attacks.

🧠 What's your take on this?

Cast your vote and see what DevTools Feed readers think

Written by

Elena Vasquez

Senior editor and generalist covering the biggest stories with a sharp, skeptical eye.

#Kubernetes 1.35 #exec plugin allowlist #kubeconfig safety #kubeconfig security #kubectl security #supply chain attacks

Worth sharing?

Get the best Developer Tools stories of the week in your inbox — no noise, no spam.

Originally reported by Kubernetes Blog

Kubernetes 1.35 Finally Tames Wild Kubeconfig Executables with Exec Plugin AllowList

⚡ Key Takeaways

The 60-Second TL;DR

🧠 What's your take on this?

Community Consensus

Elena Vasquez

Worth sharing?

⚡ Key Takeaways

The 60-Second TL;DR

🧠 What's your take on this?

Community Consensus

Elena Vasquez

Share this article

Worth sharing?

Related Stories

Crypto Lending's Dirty Mechanics: use, Pools, and Hidden Risks for Devs

Python Async Scraping: 10x Faster, Until Sites Fight Back

WordPress Backend, SPA Frontend: The Headless CMS Hack That's Turbocharging Sites

HarmonyOS @State Blind to Singleton Tweaks

Stay in the loop