We should have a way to control who's allowed to mount which SecretClass.

It's not really practical to control based on the deploying user, because the idea of a "source user" in the first place is about as clear as mud in K8s (the end user creating the StatefulSet? The controller creating the Pod from that? The controller creating the PersistentVolumeClaim from that? The controller creating the PersistentVolume from that?).

The best we could do would probably be to allowlist individual target Namespaces.

This is theoretically already possible via a K8s admission hook like OPA; we should either implement something native or document how to accomplish it using one of those.