}
		return o.DecryptedSize()
	}

	return o.Size, nil
}

// Disabling compression for encrypted enabled requests.
// Using compression and encryption together enables room for side channel attacks.
// Eliminate non-compressible objects by extensions/content-types.
func isCompressible(header http.Header, object string) bool {
	globalCompressConfigMu.Lock()
	cfg := globalCompressConfig

		header.Set("X-XSS-Protection", "1; mode=block")                                // Prevents against XSS attacks
		header.Set("X-Content-Type-Options", "nosniff")                                // Prevent mime-sniff
		header.Set("Strict-Transport-Security", "max-age=31536000; includeSubDomains") // HSTS mitigates variants of MITM attacks

		// Previously, this value was set right before a response was sent to

		fmt.Println(profFName)
		fmt.Println(strings.Repeat("=", len(profFName)))
		fmt.Println("")

		for t, stacks := range r {
			if less != 0 && t >= less {
				continue
			}
			if goTime == 0 || math.Abs(float64(t)-float64(goTime)) <= float64(margin) {
				for _, stack := range stacks {
					fmt.Println(stack)
				}
			}
		}
	}

// Leak detection is done when tests are run, should ignore the tests related functions,
// and other runtime functions while identifying leaks.
var ignoredStackFns = []string{
	"",
	// Below are the stacks ignored by the upstream leaktest code.
	"testing.Main(",
	"testing.tRunner(",
	"testing.tRunner(",
	"runtime.goexit",
	"created by runtime.gc",
	// ignore the snapshot function.

// error returned in IAM subsystem when groups doesn't exist.
var errNoSuchGroup = errors.New("Specified group does not exist")

// error returned in IAM subsystem when a policy attach/detach request has no
// net effect, i.e. it is already applied.
var errNoPolicyToAttachOrDetach = errors.New("Specified policy update has no net effect")

// error returned in IAM subsystem when a non-empty group needs to be

	}

	if owner {
		t.Fatalf("Expected owner to be 'false', found %t", owner)
	}

	_, err = globalIAMSys.PolicyDBSet(ctx, ucreds.AccessKey, "consoleAdmin", regUser, false)
	if err != nil {
		t.Fatalf("unable to attach policy to credential, %s", err)
	}

	time.Sleep(4 * time.Second)

	policies, err := globalIAMSys.PolicyDBGet(ucreds.AccessKey)
	if err != nil {
		t.Fatalf("unable to get policy to credential, %s", err)
	}

			HandlerFunc(adminMiddleware(adminAPI.SetPolicyForUserOrGroup)).
			Queries("policyName", "{policyName:.*}", "userOrGroup", "{userOrGroup:.*}", "isGroup", "{isGroup:true|false}")

		// Attach/Detach policies to/from user or group
		adminRouter.Methods(http.MethodPost).Path(adminVersion + "/idp/builtin/policy/{operation}").HandlerFunc(adminMiddleware(adminAPI.AttachDetachPolicyBuiltin))

		// Remove user IAM

			default:
				return fmt.Errorf("output format %q not supported", common.outputFormat)
			}
		}),
		ValidArgsFunction: completion.ValidPodsNameArgs(ctx),
	}

	common.attach(cmd)

	return cmd
}

func servicesCmd(ctx cli.Context) *cobra.Command {
	var serviceNamespace string
	common := new(commonFlags)
	cmd := &cobra.Command{
		Use:   "service",

	existingPolicySet := mp.policySet()
	policiesToUpdate := set.CreateStringSet(policies...)
	var newPolicySet set.StringSet
	newPolicyMapping := mp
	if isAttach {
		// new policies to attach => inputPolicies - existing (set difference)
		policiesToUpdate = policiesToUpdate.Difference(existingPolicySet)
		// validate that new policies to add are defined.
		for _, p := range policiesToUpdate.ToSlice() {

		cmd *cobra.Command, args []string, toComplete string,
	) ([]string, cobra.ShellCompDirective) {
		return completion.ValidNamespaceArgs(cmd, ctx, args, toComplete)
	})

	// Attach the Istio logging options to the command.
	root.LoggingOptions.AttachCobraFlags(rootCmd)
	hiddenFlags := []string{
		"log_as_json", "log_rotate", "log_rotate_max_age", "log_rotate_max_backups",