- Sort Score
- Result 10 results
- Languages All
Results 31 - 40 of 473 for privilege (0.29 sec)
-
CHANGELOG/CHANGELOG-1.24.md
- [CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3676-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation) - [CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3955-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation) - [Changes by Kind](#changes-by-kind) - [Feature](#feature)
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Aug 24 00:02:43 UTC 2023 - 473.4K bytes - Viewed (0) -
operator/pkg/apis/istio/v1alpha1/values_types.pb.go
// Enables privileged securityContext for the istio-proxy container. // // See https://kubernetes.io/docs/tasks/configure-pod-container/security-context/ Privileged *wrapperspb.BoolValue `protobuf:"bytes,19,opt,name=privileged,proto3" json:"privileged,omitempty"` // Sets the initial delay for readiness probes in seconds.
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Mon Jun 03 01:55:05 UTC 2024 - 329.6K bytes - Viewed (0) -
CHANGELOG/CHANGELOG-1.17.md
- kube-dns add-on: - All containers are now being executed under more restrictive privileges. - Most of the containers now run as non-root user and has the root filesystem set as read-only. - The remaining container running as root only has the minimum Linux capabilities it requires to run.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Jan 28 10:44:33 UTC 2021 - 346.2K bytes - Viewed (1) -
cmd/kubeadm/app/util/arguments_test.go
"--allow-privileged=true", }, expected: []kubeadmapi.Arg{ {Name: "admission-control", Value: "NamespaceLifecycle,LimitRanger"}, {Name: "allow-privileged", Value: "true"}, }, }, { name: "test that feature-gates is working", args: []string{ "--admission-control=NamespaceLifecycle,LimitRanger", "--allow-privileged=true",
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Aug 16 10:27:05 UTC 2023 - 8.9K bytes - Viewed (0) -
cni/README.md
## Privileges required
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 03 19:29:42 UTC 2024 - 12.3K bytes - Viewed (0) -
pkg/securitycontext/accessors_test.go
func TestContainerSecurityContextAccessor(t *testing.T) { privileged := true runAsUser := int64(1) runAsGroup := int64(1) runAsNonRoot := true readOnlyRootFilesystem := true allowPrivilegeEscalation := true testcases := []*api.SecurityContext{ nil, {}, {Capabilities: &api.Capabilities{Drop: []api.Capability{"test"}}}, {Privileged: &privileged}, {SELinuxOptions: &api.SELinuxOptions{User: "bob"}},
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Feb 22 16:15:27 UTC 2023 - 27.8K bytes - Viewed (0) -
cmd/kubeadm/app/preflight/checks_windows.go
) // Check validates if a user has elevated (administrator) privileges. func (ipuc IsPrivilegedUserCheck) Check() (warnings, errorList []error) { hProcessToken := windows.GetCurrentProcessToken() if hProcessToken.IsElevated() { return nil, nil } return nil, []error{errors.New("the kubeadm process must be run by a user with elevated privileges")} } // Check number of memory required by kubeadm // No-op for Windows.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu May 02 17:23:02 UTC 2024 - 1.2K bytes - Viewed (0) -
pkg/securitycontext/fake.go
func ValidSecurityContextWithContainerDefaults() *v1.SecurityContext { priv := false defProcMount := v1.DefaultProcMount return &v1.SecurityContext{ Capabilities: &v1.Capabilities{}, Privileged: &priv, ProcMount: &defProcMount, } } // ValidInternalSecurityContextWithContainerDefaults creates a valid security context provider based on // empty container defaults. Used for testing.
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Thu Dec 20 19:43:52 UTC 2018 - 1.4K bytes - Viewed (0) -
pkg/securitycontext/accessors.go
w.containerSC.Capabilities = v } func (w *containerSecurityContextWrapper) Privileged() *bool { if w.containerSC == nil { return nil } return w.containerSC.Privileged } func (w *containerSecurityContextWrapper) SetPrivileged(v *bool) { if w.containerSC == nil && v == nil { return } w.ensureContainerSC() w.containerSC.Privileged = v }
Registered: Sat Jun 15 01:39:40 UTC 2024 - Last Modified: Wed Feb 22 16:15:27 UTC 2023 - 14.4K bytes - Viewed (0) -
manifests/charts/istio-control/istio-discovery/files/injection-template.yaml
value: "{{ $value }}" {{- end }} {{- end }} resources: {{ template "resources" . }} securityContext: allowPrivilegeEscalation: {{ .Values.global.proxy.privileged }} privileged: {{ .Values.global.proxy.privileged }} capabilities: {{- if not (or .Values.pilot.cni.enabled .Values.istio_cni.enabled) }} add: - NET_ADMIN - NET_RAW {{- end }} drop:
Registered: Fri Jun 14 15:00:06 UTC 2024 - Last Modified: Fri May 10 21:01:52 UTC 2024 - 23.8K bytes - Viewed (0)