Search Options

Results per page
Sort
Preferred Languages
Advance

Results 1 - 10 of 313 for AllowPrivilegeEscalation (0.27 sec)

  2. github.com/kubernetes/kubernetes

    pkg/securitycontext/util_test.go 

    		sc     *v1.SecurityContext
		expect bool
	}{
		"allowPrivilegeEscalation nil security context nil": {
			sc:     nil,
			expect: false,
		},
		"allowPrivilegeEscalation nil": {
			sc: &v1.SecurityContext{
				AllowPrivilegeEscalation: nil,
			},
			expect: false,
		},
		"allowPrivilegeEscalation false": {
			sc: &v1.SecurityContext{
				AllowPrivilegeEscalation: &pfalse,
			},
			expect: true,
		},
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Tue May 05 01:25:23 UTC 2020
    - 5K bytes
    - Viewed (0)
  3. github.com/kubernetes/kubernetes

    pkg/securitycontext/accessors_test.go 

    			t.Errorf("%d: expected %#v, got %#v", i, expected.SeccompProfile, v)
		}
		if v := a.AllowPrivilegeEscalation(); !reflect.DeepEqual(expected.AllowPrivilegeEscalation, v) {
			t.Errorf("%d: expected %#v, got %#v", i, expected.AllowPrivilegeEscalation, v)
		}
	}
}

func TestContainerSecurityContextMutator(t *testing.T) {
	testcases := map[string]struct {
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Feb 22 16:15:27 UTC 2023
    - 27.8K bytes
    - Viewed (0)
  4. github.com/istio/istio

    samples/bookinfo/platform/kube/bookinfo-psa.yaml 

          - name: details
        image: docker.io/istio/examples-bookinfo-details-v1:1.20.1
        imagePullPolicy: IfNotPresent
        ports:
        - containerPort: 9080
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
              - all
          runAsNonRoot: true
---
##################################################################################################
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Mon Jun 03 19:54:05 UTC 2024
    - 8.1K bytes
    - Viewed (0)
  5. github.com/kubernetes/kubernetes

    pkg/securitycontext/util.go 

    		*effectiveSc.ReadOnlyRootFilesystem = *containerSc.ReadOnlyRootFilesystem
	}

	if containerSc.AllowPrivilegeEscalation != nil {
		effectiveSc.AllowPrivilegeEscalation = new(bool)
		*effectiveSc.AllowPrivilegeEscalation = *containerSc.AllowPrivilegeEscalation
	}

	if containerSc.ProcMount != nil {
		effectiveSc.ProcMount = new(v1.ProcMountType)
		*effectiveSc.ProcMount = *containerSc.ProcMount
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Feb 15 07:28:24 UTC 2023
    - 7.5K bytes
    - Viewed (0)
  6. github.com/istio/istio

    pkg/kube/inject/testdata/inject/enable-core-dump.yaml.injected 

            resources:
          limits:
            cpu: "2"
            memory: 1Gi
          requests:
            cpu: 100m
            memory: 128Mi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - ALL
          privileged: false
          readOnlyRootFilesystem: false
          runAsGroup: 1337
          runAsNonRoot: true
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Feb 27 16:55:16 UTC 2024
    - 7.3K bytes
    - Viewed (0)
  7. github.com/kubernetes/kubernetes

    pkg/securitycontext/accessors.go 

    }

func (w *containerSecurityContextWrapper) AllowPrivilegeEscalation() *bool {
	if w.containerSC == nil {
		return nil
	}
	return w.containerSC.AllowPrivilegeEscalation
}
func (w *containerSecurityContextWrapper) SetAllowPrivilegeEscalation(v *bool) {
	if w.containerSC == nil && v == nil {
		return
	}
	w.ensureContainerSC()
	w.containerSC.AllowPrivilegeEscalation = v
}
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed Feb 22 16:15:27 UTC 2023
    - 14.4K bytes
    - Viewed (0)
  8. github.com/istio/istio

    pkg/kube/inject/testdata/inject/proxy-override.yaml.injected 

            sidecar.istio.io/status: '{"initContainers":["istio-init"],"containers":["istio-proxy"],"...
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Feb 27 16:55:16 UTC 2024
    - 7.3K bytes
    - Viewed (0)
  9. github.com/istio/istio

    pkg/kube/inject/testdata/inject/enable-core-dump-annotation.yaml.injected 

            resources:
          limits:
            cpu: "2"
            memory: 1Gi
          requests:
            cpu: 100m
            memory: 128Mi
        securityContext:
          allowPrivilegeEscalation: false
          capabilities:
            drop:
            - ALL
          privileged: false
          readOnlyRootFilesystem: false
          runAsGroup: 1337
          runAsNonRoot: true
    Registered: Fri Jun 14 15:00:06 UTC 2024
    - Last Modified: Tue Feb 27 16:55:16 UTC 2024
    - 7.3K bytes
    - Viewed (0)
  10. github.com/kubernetes/kubernetes

    hack/testdata/pod-restricted-runtime-default.yaml 

      containers:
  - image: busybox
    name: target
    command: ["/bin/sh", "-c", "sleep 100"]
    securityContext:
        runAsUser: 1000
        runAsGroup: 1000
        runAsNonRoot: true
        allowPrivilegeEscalation: false
        capabilities:
          drop:
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 24 11:16:49 UTC 2023
    - 437 bytes
    - Viewed (0)
  11. github.com/kubernetes/kubernetes

    hack/testdata/pod-restricted-localhost.yaml 

      containers:
  - image: busybox
    name: target
    command: ["/bin/sh", "-c", "sleep 100"]
    securityContext:
        runAsUser: 1000
        runAsGroup: 1000
        runAsNonRoot: true
        allowPrivilegeEscalation: false
        capabilities:
          drop:
    Registered: Sat Jun 15 01:39:40 UTC 2024
    - Last Modified: Wed May 24 11:16:49 UTC 2023
    - 467 bytes
    - Viewed (0)
Back to top