Frameworks: ArmoBest, NSA, YAML-scanning, AllControls
Attackers who gain access to a container may escalate the privileges of its processes to obtain capabilities beyond those the container was started with. Setting allowPrivilegeEscalation to false makes the kubelet start the container process with the no_new_privs flag, so a child process (for example a setuid or setgid binary, or a file with file capabilities) can never acquire more privileges than its parent.
Applies to kinds: CronJob, DaemonSet, Deployment, Job, Pod, PodSecurityPolicy, ReplicaSet, StatefulSet
Checks that the allowPrivilegeEscalation field in the securityContext of every container is explicitly set to false.
If your application does not need privilege escalation, set allowPrivilegeEscalation to false in the securityContext of every container and init container. Leaving the field unset is not enough, since an unset field leaves escalation permitted; the restricted Pod Security Standard also requires it to be false. Note that Kubernetes treats allowPrivilegeEscalation as always true when the container runs as privileged or adds CAP_SYS_ADMIN, so the setting only has effect on containers that are neither.
```yaml
apiVersion: apps/v1
kind: Deployment
metadata:
  name: nginx-deployment
spec:
  replicas: 1
  selector:
    matchLabels:
      app: nginx
  template:
    metadata:
      labels:
        app: nginx
    spec:
      containers:
        - name: nginx
          image: nginx:latest
          securityContext:
            allowPrivilegeEscalation: false # this field should be set to false explicitly
```
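The following scanner applies this control to parsed manifests. It is an added example, not Kubescape's own rule (those are written in Rego). It assumes manifests have already been parsed into Python dicts (the optional parse_yaml helper assumes PyYAML is installed), and the sample manifests are constructed for the example. It goes beyond the single Deployment above: it walks every workload kind the control covers, checks init containers as well as regular containers, and also flags containers where the setting is moot because the container is privileged or adds CAP_SYS_ADMIN, since Kubernetes treats allowPrivilegeEscalation as always true in those cases.

```python
"""Flag containers that do not explicitly set allowPrivilegeEscalation: false.

Added example; not Kubescape's Rego rule. Operates on parsed manifests (dicts).
"""

# Path to the pod spec for each workload kind this control covers.
# PodSecurityPolicy is omitted: it is a cluster policy object, not a workload.
POD_SPEC_PATH = {
    "Pod": ("spec",),
    "Deployment": ("spec", "template", "spec"),
    "ReplicaSet": ("spec", "template", "spec"),
    "DaemonSet": ("spec", "template", "spec"),
    "StatefulSet": ("spec", "template", "spec"),
    "Job": ("spec", "template", "spec"),
    "CronJob": ("spec", "jobTemplate", "spec", "template", "spec"),
}


def _dig(obj, path):
    """Follow a key path through nested dicts; None if any step is missing."""
    for key in path:
        if not isinstance(obj, dict):
            return None
        obj = obj.get(key)
    return obj


def _escalation_forced_on(sc):
    """Kubernetes treats allowPrivilegeEscalation as true whenever the container
    is privileged or adds CAP_SYS_ADMIN, whatever the field says."""
    if sc.get("privileged") is True:
        return "privileged: true"
    caps = sc.get("capabilities") or {}
    added = [str(c).upper() for c in (caps.get("add") or [])]
    if "SYS_ADMIN" in added or "CAP_SYS_ADMIN" in added:
        return "capabilities.add contains SYS_ADMIN"
    return None


def scan_manifest(doc):
    """Return a list of (container name, reason) findings for one manifest."""
    findings = []
    kind = doc.get("kind")
    if kind not in POD_SPEC_PATH:
        return findings
    pod_spec = _dig(doc, POD_SPEC_PATH[kind]) or {}
    for field in ("initContainers", "containers"):
        for container in pod_spec.get(field) or []:
            name = container.get("name", "<unnamed>")
            sc = container.get("securityContext") or {}
            forced = _escalation_forced_on(sc)
            if forced:
                findings.append((name, f"escalation forced on by {forced}"))
                continue
            value = sc.get("allowPrivilegeEscalation")
            if value is True:
                findings.append((name, "allowPrivilegeEscalation: true"))
            elif value is not False:  # missing, or not a boolean
                findings.append((name, "allowPrivilegeEscalation not set (defaults to allowed)"))
    return findings


def scan_documents(docs):
    """Scan several manifests; returns {(kind, name): findings} for failing ones only."""
    results = {}
    for doc in docs:
        findings = scan_manifest(doc)
        if findings:
            name = (doc.get("metadata") or {}).get("name", "<unnamed>")
            results[(doc.get("kind"), name)] = findings
    return results


def parse_yaml(text):
    """Optional helper: load a multi-document YAML file. Assumes PyYAML is installed."""
    import yaml  # imported lazily so the scanner itself has no dependency
    return [d for d in yaml.safe_load_all(text) if d]


# Constructed sample manifests (not taken from a real cluster).
SAMPLE_DOCS = [
    {   # mirrors the compliant nginx Deployment above
        "apiVersion": "apps/v1", "kind": "Deployment",
        "metadata": {"name": "nginx-deployment"},
        "spec": {"template": {"spec": {"containers": [
            {"name": "nginx", "image": "nginx:latest",
             "securityContext": {"allowPrivilegeEscalation": False}}]}}},
    },
    {   # Pod whose init container omits the field entirely
        "apiVersion": "v1", "kind": "Pod",
        "metadata": {"name": "web"},
        "spec": {
            "initContainers": [{"name": "init-db", "image": "busybox"}],
            "containers": [{"name": "app", "image": "app:1.0",
                            "securityContext": {"allowPrivilegeEscalation": False}}],
        },
    },
    {   # CronJob that sets false but runs privileged, so the setting is moot
        "apiVersion": "batch/v1", "kind": "CronJob",
        "metadata": {"name": "backup"},
        "spec": {"jobTemplate": {"spec": {"template": {"spec": {"containers": [
            {"name": "dump", "image": "backup:2",
             "securityContext": {"privileged": True,
                                 "allowPrivilegeEscalation": False}}]}}}}},
    },
]

if __name__ == "__main__":
    for (kind, name), findings in scan_documents(SAMPLE_DOCS).items():
        for container, reason in findings:
            print(f"FAIL {kind}/{name} container={container}: {reason}")
```

Run against real files with `scan_documents(parse_yaml(open(path).read()))`. The privileged and CAP_SYS_ADMIN checks are what keep a false-but-ineffective setting from passing silently; a scanner that only reads the field would report the backup CronJob above as compliant.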