Search Options

Results per page
Sort
Preferred Languages
Advance

Results 31 - 40 of 57 for privileges (0.11 sec)

  1. .devcontainer/devcontainer.json

    {
      "name": "istio build-tools",
      "image": "gcr.io/istio-testing/build-tools:master-c67afcee625a4b91bdde7da65c9867f98248691e",
      "privileged": true,
      "remoteEnv": {
        "USE_GKE_GCLOUD_AUTH_PLUGIN": "True",
        "BUILD_WITH_CONTAINER": "0",
        "CARGO_HOME": "/home/.cargo",
        "RUSTUP_HOME": "/home/.rustup"
      },
      "features": {
        "ghcr.io/devcontainers/features/docker-outside-of-docker:1": {},
        "ghcr.io/mpriscella/features/kind:1": {}
      },
    Registered: Wed Nov 06 22:53:10 UTC 2024
    - Last Modified: Wed Nov 06 04:52:54 UTC 2024
    - 879 bytes
    - Viewed (0)
  2. cni/pkg/util/podutil.go

    		Patch(
    			context.Background(),
    			pod.Name,
    			types.MergePatchType,
    			annotationPatch,
    			metav1.PatchOptions{},
    			// Both "pods" and "pods/status" can mutate the metadata. However, pods/status is lower privilege, so we use that instead.
    			"status",
    		)
    	return err
    }
    
    func AnnotateUnenrollPod(client kubernetes.Interface, pod *metav1.ObjectMeta) error {
    Registered: Wed Nov 06 22:53:10 UTC 2024
    - Last Modified: Wed Oct 09 16:05:45 UTC 2024
    - 4.7K bytes
    - Viewed (0)
  3. okhttp-testing-support/src/main/kotlin/okhttp3/internal/concurrent/TaskFaker.kt

     * This class ensures that at most one thread is running at a time. This is initially the JUnit test
     * thread, which yields its execution privilege while calling [runTasks], [runNextTask], or
     * [advanceUntil]. These functions don't return until the task threads are all idle.
     *
     * Task threads release their execution privilege in these ways:
     *
     *  * By yielding in [TaskRunner.Backend.coordinatorWait].
     *  * By yielding in [BlockingQueue.poll].
    Registered: Fri Nov 01 11:42:11 UTC 2024
    - Last Modified: Mon Apr 29 00:33:04 UTC 2024
    - 12.6K bytes
    - Viewed (0)
  4. CHANGELOG/CHANGELOG-1.11.md

    * The Kubelet's deprecated `--allow-privileged` flag now defaults to true. This enables users to stop setting `--allow-privileged` in order to transition to `PodSecurityPolicy`. Previously, users had to continue setting `--allow-privileged`, because the default was false. ([#63442](https://github.com/kubernetes/kubernetes/pull/63442), [@mtaufen](https://github.com/mtaufen))
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu Feb 06 06:04:15 UTC 2020
    - 328.4K bytes
    - Viewed (0)
  5. CHANGELOG/CHANGELOG-1.24.md

        - [CVE-2023-3676: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3676-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation)
        - [CVE-2023-3955: Insufficient input sanitization on Windows nodes leads to privilege escalation](#cve-2023-3955-insufficient-input-sanitization-on-windows-nodes-leads-to-privilege-escalation)
      - [Changes by Kind](#changes-by-kind)
        - [Feature](#feature)
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu Aug 24 00:02:43 UTC 2023
    - 473.4K bytes
    - Viewed (0)
  6. guava/src/com/google/common/cache/Cache.java

       * for an RPC may wait for a similar call that requests a long timeout, or a call by an
       * unprivileged user may return a resource accessible only to a privileged user making a similar
       * call. To prevent this problem, create a key object that includes all values that affect the
       * result of the query. Or use {@code LoadingCache.get(K)}, which lacks the ability to refer to
    Registered: Fri Nov 01 12:43:10 UTC 2024
    - Last Modified: Sun Aug 07 02:38:22 UTC 2022
    - 7.9K bytes
    - Viewed (0)
  7. CHANGELOG/CHANGELOG-1.13.md

    ### SIG Auth
    
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Thu May 05 13:44:43 UTC 2022
    - 273.1K bytes
    - Viewed (0)
  8. CHANGELOG/CHANGELOG-1.19.md

    - Dockershim security: pod sandbox now always run with `no-new-privileges` and `runtime/default` seccomp profile
    Registered: Fri Nov 01 09:05:11 UTC 2024
    - Last Modified: Wed Jan 05 05:42:32 UTC 2022
    - 489.7K bytes
    - Viewed (0)
  9. cni/pkg/iptables/iptables.go

    	// within all pods as we do on the host.
    	//
    	// This should be fine, as the host binaries are all we have to work with here anyway,
    	// as we are running within a privileged container - and we don't want to take the time to
    	// redetect for each pod anyway.
    	//
    	// Extreme corner case:
    	// If for some reason your host had both binaries, and you were injecting out-of-band
    Registered: Wed Nov 06 22:53:10 UTC 2024
    - Last Modified: Tue Oct 15 15:39:28 UTC 2024
    - 23.3K bytes
    - Viewed (0)
  10. architecture/environments/operator.md

    1. [CLI](#cli) code. CLI code shares the `IstioOperatorSpec` API with
    the controller, but allows manifests to be generated and optionally applied from the command line without the need to
    run a privileged controller in the cluster.
    1. [Migration tools](#migration-tools). The migration tools are intended to
    automate configuration migration from Helm to the operator.
    
    Registered: Wed Nov 06 22:53:10 UTC 2024
    - Last Modified: Mon Jul 29 21:11:35 UTC 2024
    - 13.2K bytes
    - Viewed (0)
Back to top