Even in a product as technically wonderful as Temporal, we can have relatively simple oversights like this that lead to cross tenant leakage.
If anyone is more familiar with Temporal, is there a way clients could have had internal defense in depth that guards against tenant leakage at the provider (Temporal) level?
jiggunjer 5 hours ago [-]
Don't use namespaces. Wire up multi-tenant at the RBAC level. Need stronger isolation? Run another cluster.
UltraSane 4 hours ago [-]
Encrypting tenant data with per tenant keys is a good defense against this kind of thing.
bdj108 8 hours ago [-]
Things like this are inevitable, especially these days.
Rendered at 06:29:03 GMT+0000 (Coordinated Universal Time) with Vercel.
If anyone is more familiar with Temporal, is there a way clients could have had internal defense in depth that guards against tenant leakage at the provider (Temporal) level?