What is allowPrivilegeEscalation setting of securityContext used for in Kubernetes container manifest?

Experience Level: Senior
Tags: Kubernetes

Answer

AllowPrivilegeEscalation setting controls whether a process can gain more privileges than its parent process. This bool directly controls whether the no_new_privs flag gets set on the container process. AllowPrivilegeEscalation is true always when the container is: 1) run as Privileged OR 2) has CAP_SYS_ADMIN.

Comments

No Comments Yet.
Be the first to tell us what you think.
Kubernetes Certified Application Developer (CKAD) preparation
Kubernetes Certified Application Developer (CKAD) preparation

Are you learning Kubernetes ? Try our test we designed to help you progress faster.

Test yourself
Kubernetes
Kubernetes

Are you learning Kubernetes ? Try our test we designed to help you progress faster.

Test yourself