rbac disabled by default which is security vulnerability #5400

@manju-rn

The default installation of microk8s does not enable rbac, which is a security vulnerability as it would allow any pod with cluster-wide access to do anything and everything. A simple rogue pod could wreak havoc. In today's world, where MCP is installed in the cluster, this makes it even more exposed to agents accessing it.

There are not even "caution" or "warnings" indicating the potential vulnerability in the installation page. I hope rbac gets enabled by default, just as many other k8s distros do.

To anybody who is reading this - please enable it by doing microk8s enable rbac - your existing workloads that were enjoying this unrestricted access may fail - but they were already rogue :-)
The workloads with proper RBAC would continue to work anyway.
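
One way to confirm that authorization is actually being enforced after running microk8s enable rbac, as an added example that is not part of the original issue or MicroK8s's own tooling: it impersonates the default service account and probes three high-privilege actions with `kubectl auth can-i`. The function names, the probe list and the `KUBECTL` override are assumptions of this example.

```shell
# Added example (not from the issue): detect a cluster where an ordinary
# service account is authorized for everything, the symptom of RBAC being off.
# Assumes the caller may impersonate service accounts (an admin kubeconfig).

# Assumption: kubectl is reached through the MicroK8s wrapper; override if not.
KUBECTL="${KUBECTL:-microk8s kubectl}"

# can_i VERB RESOURCE ACCOUNT -> prints the first line of kubectl's answer.
# `auth can-i` prints "yes" or "no"; warnings on stderr are discarded.
can_i() {
  $KUBECTL auth can-i "$1" "$2" --as="$3" 2>/dev/null | head -n1
}

# rbac_enforced [ACCOUNT]
# Exit status:
#   0  at least one high-privilege probe was denied (authorization enforced)
#   1  every probe was allowed (the account can effectively do anything)
#   2  no usable answer (cluster unreachable, kubectl missing, ...)
rbac_enforced() {
  _sa="${1:-system:serviceaccount:default:default}"
  for _probe in "delete nodes" "create clusterrolebindings" "get secrets"; do
    _verb="${_probe% *}"
    _resource="${_probe#* }"
    _answer="$(can_i "$_verb" "$_resource" "$_sa")"
    case "$_answer" in
      no)  return 0 ;;   # a denial proves the authorizer is filtering requests
      yes) ;;            # allowed; keep probing
      *)   return 2 ;;   # never report "enforced" on an unreadable answer
    esac
  done
  return 1
}

# Typical use on a node:
#   rbac_enforced && echo "RBAC enforced" || echo "check failed or RBAC is off"
```

An exit status of 1 for the default service account means any pod running under it holds the same unrestricted access the issue describes.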
