Add Container Security Context by Default

Question

JuanPabloSGU opened this issue 2 years ago · 0 comments

Summary

Currently it seems that

capabilites:
  drop:
    - ALL

is missing from the container security context. If the container does not require those capabilities, would it be possible to drop them by default?

When would you use this?

If this is implemented by default I believe that it would increase the security posture of every cluster that uses this.

Message from the maintainers:

Impacted by this bug? Give it a 👍. We prioritise the issues with the most 👍.