I've been playing around with the environment variable replacement functionality in Nginx's official Docker image so that a gateway can easily be deployed across multiple Kubernetes environments.

From what I've seen, the variable replacement script will run and then generate files that are owned by the same user as the workers. If this is the case, couldn't a malicious actor use a worker to make edits to its own config file and then redirect traffic elsewhere, etc.? It seems like a significant security risk.

I would like to avoid just having to supply a config via a configmap, but it seems like that would be the only secure solution at the moment. I also thought about using an init container that could dynamically generate a config based off env variables, although that could be difficult to replicate when running this solution locally for development purposes.

Variable Replacement Functionality for Reference: https://hub.docker.com/_/nginx#using-environment-variables-in-nginx-configuration-new-in-119
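
One way to check the concern raised in the question, as an added example that is not part of the original post: list every path under the generated config directory that the worker's UID or GID could modify. The function names are hypothetical, and the output directory `/etc/nginx/conf.d` and UID/GID `101` in the usage comment are assumptions about the image, so substitute what `id` and `ls -ln` report in your container.

```shell
#!/bin/sh
# Added example, not from the original post.
# Audits a generated nginx config tree for paths the worker user could modify.

# writable_by DIR UID GID
# Prints every non-symlink path under DIR that UID/GID can write to:
#   - owned by UID with the owner write bit set
#   - group-owned by GID with the group write bit set
#   - world-writable
# Directories are reported too, because write access to a directory
# lets its files be replaced even when the files themselves are read-only.
writable_by() {
    dir=$1 uid=$2 gid=$3
    find "$dir" ! -type l \( \
        \( -user "$uid" -perm -200 \) -o \
        \( -group "$gid" -perm -020 \) -o \
        -perm -002 \) -print
}

# audit_config DIR UID GID
# Returns 0 when nothing under DIR is writable by UID/GID, 1 otherwise.
# Findings go to stderr so the function can gate a startup or CI step.
audit_config() {
    hits=$(writable_by "$1" "$2" "$3")
    if [ -n "$hits" ]; then
        printf 'writable by uid=%s gid=%s:\n%s\n' "$2" "$3" "$hits" >&2
        return 1
    fi
    return 0
}

# Usage inside the running container (paths and IDs are assumptions):
#   audit_config /etc/nginx/conf.d 101 101
```

An empty result means the worker identity cannot rewrite the rendered files or swap them out through a writable directory; any listed path is where ownership or mode needs tightening, or where a read-only mount would apply.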
