mirror of
https://github.com/kubescape/kubescape.git
synced 2026-02-14 18:09:55 +00:00
The value of allowPrivilegeEscalation followed the implicit default of Kubernetes:

> AllowPrivilegeEscalation is true always when the container is:
> 1) run as Privileged
> 2) has CAP_SYS_ADMIN

For users still using PodSecurityPolicy (or a follow-up product like OPA Gatekeeper or Kyverno), there might be mutating admission controllers which default this field to `false` if unset. A value of `false` would then conflict with `privileged: true`.

Signed-off-by: Marco Kilchhofer <mkilchhofer@users.noreply.github.com>
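
The conflict this commit message describes, as an added Go example that is not part of the commit or of kubescape's code: it classifies a container security context before and after a defaulting mutation. The `SecurityContext` struct, `forcedTrue`, `mutateDefault` and `Classify` are hypothetical names, and the struct is a simplified stand-in for the Kubernetes API type.

```go
package main

import (
	"fmt"
	"strings"
)

// SecurityContext is a simplified stand-in (assumption), not the Kubernetes API type.
type SecurityContext struct {
	Privileged, AllowPrivilegeEscalation *bool
	AddCaps                              []string
}

// forcedTrue applies the quoted rule: privileged or CAP_SYS_ADMIN.
func forcedTrue(sc SecurityContext) bool {
	for _, c := range sc.AddCaps {
		if strings.TrimPrefix(strings.ToUpper(c), "CAP_") == "SYS_ADMIN" {
			return true
		}
	}
	return sc.Privileged != nil && *sc.Privileged
}

// mutateDefault imitates a hypothetical mutating controller: unset becomes false.
func mutateDefault(sc SecurityContext) SecurityContext {
	if sc.AllowPrivilegeEscalation == nil {
		f := false
		sc.AllowPrivilegeEscalation = &f
	}
	return sc
}

// Classify returns "conflict", "forced-true", "unset" or "explicit-<value>".
func Classify(sc SecurityContext) string {
	ape := sc.AllowPrivilegeEscalation
	switch {
	case ape != nil && !*ape && sc.Privileged != nil && *sc.Privileged:
		return "conflict" // explicit false next to privileged: true
	case forcedTrue(sc):
		return "forced-true"
	case ape == nil:
		return "unset"
	}
	return fmt.Sprintf("explicit-%t", *ape)
}

func main() {
	t := true
	fmt.Println(Classify(mutateDefault(SecurityContext{Privileged: &t}))) // conflict
}
```

A privileged container that leaves the field unset is classified as forced-true on its own and as a conflict once the defaulting mutation has run, which is the case the commit message addresses.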