Avoid Running Privileged Containers

Ensure that "privileged" is set to false in each container's securityContext.

Policy Details

Policy Subtype: Build
Severity: High
Template Type: Kubernetes

Build Rules

Avoid running privileged containers.
JSON Query:
$.spec.template.spec.containers[*].securityContext.privileged any true
Recommendation:
It is recommended not to run containers as privileged. To make sure running containers are not privileged, set "privileged" to "false" in each container's securityContext.
For example:
"spec": {
  "containers": [
    {
      "name": "pause",
      "image": "k8s.gcr.io/pause",
      "securityContext": {
        "privileged": false
      }
    }
  ]
}
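A pre-deploy check equivalent to the build rule above, written as an added example (not code from this policy or its vendor). It goes beyond the JSON query as written, which covers only containers under spec.template.spec: it also inspects initContainers and ephemeralContainers, bare Pods and CronJobs. The function names and the sample manifest are assumptions constructed for illustration.

```python
import json

# Container lists in a pod spec that accept securityContext.privileged.
CONTAINER_KEYS = ("containers", "initContainers", "ephemeralContainers")


def pod_spec(manifest):
    """Return the pod spec of a Pod, a templated workload, or a CronJob."""
    spec = manifest.get("spec") or {}
    if manifest.get("kind") == "CronJob":
        spec = (spec.get("jobTemplate") or {}).get("spec") or {}
    template = spec.get("template")
    if isinstance(template, dict):      # Deployment, DaemonSet, Job, ...
        return template.get("spec") or {}
    return spec                         # bare Pod


def privileged_containers(manifest):
    """List 'listname/containername' for each container with privileged == true."""
    found = []
    spec = pod_spec(manifest)
    for key in CONTAINER_KEYS:
        for c in spec.get(key) or []:
            sc = c.get("securityContext") or {}
            if sc.get("privileged") is True:
                found.append(f"{key}/{c.get('name', '?')}")
    return found


# Constructed sample manifest (not from the page): one compliant container,
# one privileged container, and one privileged init container.
SAMPLE = json.loads("""
{
  "apiVersion": "apps/v1", "kind": "Deployment",
  "spec": {"template": {"spec": {
    "initContainers": [
      {"name": "setup", "image": "busybox", "securityContext": {"privileged": true}}
    ],
    "containers": [
      {"name": "pause", "image": "k8s.gcr.io/pause", "securityContext": {"privileged": false}},
      {"name": "agent", "image": "example/agent", "securityContext": {"privileged": true}}
    ]
  }}}
}
""")

if __name__ == "__main__":
    for hit in privileged_containers(SAMPLE):
        print("FAIL privileged container:", hit)
```

A container that omits securityContext or "privileged" passes, because the Kubernetes default for that field is false.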
