KubeLinter is a static analysis tool that checks Kubernetes YAML files and Helm charts to ensure the applications represented in them adhere to best practices.
Description of the problem/feature request
Add a check or option to check if containers explicitly set allowPrivilegeEscalation to false. Explicitly setting this to false is generally regarded as good security practice.
Description of the existing behavior vs. expected behavior
The existing privilege-escalation-container doesn't trigger on this condition, I imagine intentionally since allowPrivilegeEscalation is determined by a variety of factors and can be restricted in other ways.
Description of the problem/feature request Add a check or option to check if containers explicitly set allowPrivilegeEscalation to false. Explicitly setting this to false is generally regarded as good security practice.
Description of the existing behavior vs. expected behavior
The existing
privilege-escalation-containerdoesn't trigger on this condition, I imagine intentionally since allowPrivilegeEscalation is determined by a variety of factors and can be restricted in other ways.