-
Notifications
You must be signed in to change notification settings - Fork 247
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Creating a Deployment defaults to "Allow Privilege Escalation" #7165
Comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Internal reference: SURE-3663
Request description:
When users create Deployments in the Rancher Cluster Explorer UI, the setting under "Security Context" -> "Privilege Escalation" defaults to "Yes, container can gain more privileges than its parent process"
Users will fail to create deployments by default (at least when e.g. setting the "Run as User ID" field). The security context parameter is not added to the deployment unless one parameter is set, however when some parameter is set the Privilege Escalation option is set to yes by default.
This could be considered a more secure means of running Kubernetes, which would help with RKE2 strategy to align with other usage within the product.
Actual behavior:
Privilege Escalation in the security context tab is set to
yes
by defaultExpected behavior:
Privilege Escalation in the security context tab is set to
no
by defaultAdditional notes:
Instead of choosing between one default or another, it would be helpful to have a way to select the default config options in the UI for each user.
The text was updated successfully, but these errors were encountered: