github/kubernetes
4
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

allowPrivilegeEscalation: modify api types & add functionality

Browse Source 
Signed-off-by: Jess Frazelle <acidburn@google.com>
This commit is contained in:
Jess Frazelle
2017-06-26 15:13:28 -04:00
parent d2791d46e3
commit 0f349cc61f
15 changed files with 374 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
pkg/kubelet/kuberuntime/security_context.go
View File

@@ -66,6 +66,8 @@ func (m *kubeGenericRuntimeManager) determineEffectiveSecurityContext(pod *v1.Po
synthesized.SupplementalGroups = append(synthesized.SupplementalGroups, groups...)
}
synthesized.NoNewPrivs = securitycontext.AddNoNewPrivileges(effectiveSc)
return synthesized
}