Query: Pod Security Policy should prohibit privilege escalation
Description
The Pod Security Policy `allowPrivilegeEscalation` field controls whether a Pod's containers may request privilege escalation. Containers in a Pod should not allow privilege escalation. A container running with the `allowPrivilegeEscalation` flag set to true may have processes that can gain more privileges than their parent process.
Query
Tables used in this query:
Controls using this query:
- 5.2.5 Minimize the admission of containers with allowPrivilegeEscalation
- Pod Security Policy should prohibit privilege escalation