Add Container Security Context by Default
JuanPabloSGU opened this issue · 0 comments
JuanPabloSGU commented
Summary
Currently it seems that
capabilites:
drop:
- ALL
is missing from the container security context. If the container does not require those capabilities, would it be possible to drop them by default?
Use Cases
When would you use this?
If this is implemented by default I believe that it would increase the security posture of every cluster that uses this.
Message from the maintainers:
Impacted by this bug? Give it a 👍. We prioritise the issues with the most 👍.