🤖 AI Dev Tools

Kubernetes 1.35 Finally Tames Wild Kubeconfig Executables with Exec Plugin AllowList

Picture this: your kubeconfig quietly firing off a shady script on your machine. Kubernetes 1.35 slams the door with an exec plugin allowlist, handing you god-mode control over credential plugins.

DevTools Feed Apr 03, 2026 3 min read

Illustration of a locked Kubernetes kubeconfig blocking rogue executables

⚡ Key Takeaways

Kubernetes 1.35 adds exec plugin allowList to kubeconfig, blocking rogue executables by default.
Set policy to DenyAll first to audit plugins, then whitelist trusted ones by path or name.
Future: checksums and signatures will make this unbreakable against supply-chain attacks.

Published by

DevTools Feed

Ship faster. Build smarter.

#Kubernetes 1.35 #exec plugin allowlist #kubeconfig safety #kubeconfig security #kubectl security #supply chain attacks

Worth sharing?

Get the best Developer Tools stories of the week in your inbox — no noise, no spam.

Originally reported by Kubernetes Blog

⚡ Key Takeaways

The 60-Second TL;DR

DevTools Feed

Share this article

Worth sharing?

Related Stories

AI's Cypress Tests Stun — But Miss the Human Edge on Sauce Demo

Genetic Algorithms Evolve Chaos into Order—Line Fits to Nightmarish Road Trips

GPUHammer Cracks NVIDIA GDDR6: Rowhammer's GPU Nightmare Begins

This AI Journal App Fills the Dreaded Blank Page — And Builds Your Second Brain

Stay in the loop