This document summarizes and originates from this email thread, 
[Proposal to drop kubectl cp](https://groups.google.com/forum/?utm_medium=email&utm_source=footer#!msg/kubernetes-sig-cli/_zUy67lK49k/aE6vncYiAgAJ).   

This document aims to solidify the future of `kubectl cp` as a tool that provides basic function of copying files between local environments and pods.  Any advanced use cases
such as those involving symlinks or modifying file permissions should be performed outside of `kubectl cp` through `kubectl exec`, addons, or shell commands.    

Over the past few releases, there have been numerous security issues with `kubectl cp` that have resulted in release updates in all supported versions of kubectl.
At the same time,any new PR that extends `kubectl cp` must undergo extra reviews to evaluate security threats that may arise [1][2].  Over the past few months,
security fixes have required dropping edge cases and function of the command.  It is increasingly difficult to maintain a cp command that is both
useful and secure.  There are alternative approaches that provide the same function as `kubectl cp` [3].  Using `kubectl exec ...| tar`
provides transparency when copying files as well as mitigations for path traversals, symlink directory escapes, tar bombs, and other exploits.
Use of tar is more featureful, in that it can preserve file permissions and copy pod-to-pod.  Also, `kubectl cp` is dependent on the tar binary
in a container.  A malicious tar binary is outside of what `kubectl cp` can control.    

With all of this in mind the cost and risk of maintaining the cp command should be weighed against what is considered crucial functionality in kubectl. 
It's better to address 80% of use cases with a simple tool than trying to address the remaining 20% at the cost of risking those 80%.     

[1] https://github.com/kubernetes/kubernetes/pull/78622   
[2] https://github.com/kubernetes/kubernetes/pull/73053   
[3] https://gist.github.com/tallclair/9217e2694b5fdf27b55d6bd1fda01b53