polaris/test/checks/insecureCapabilities/failure.drop-most.yaml
Robert Brennan c16aac808f fix checks for k8s defaults (#496)
* fix insecure caps check

* add more tests

* fix privilege escalation allowed
2021-02-11 17:11:16 -05:00

30 lines
471 B
YAML

apiVersion: v1
kind: Pod
metadata:
  name: nginx
  labels:
    env: test
spec:
  containers:
  - name: nginx
    image: nginx
    securityContext:
      capabilities:
        drop:
          - NET_ADMIN
          - CHOWN
          - DAC_OVERRIDE
          - FSETID
          - FOWNER
          - MKNOD
          - NET_RAW
          - SETGID
          - SETUID
          - SETFCAP
          - SETPCAP
          - NET_BIND_SERVICE
          - SYS_CHROOT
          - KILL