Merge pull request #22959 from tabbysable/master

Correct Privilege Escalation section
2020-08-19 10:29:22 -07:00 · 2020-08-19 10:29:22 -07:00 · 713f0f5e3a
parent 0bc01312ca 0a861ca7c0
commit 713f0f5e3a
1 changed files with 4 additions and 4 deletions
--- a/content/en/docs/concepts/security/pod-security-standards.md
+++ b/content/en/docs/concepts/security/pod-security-standards.md
@ -209,11 +209,11 @@ well as lower-trust users.The following listed controls should be enforced/disal
 		<tr>
 			<td>Privilege Escalation</td>
 			<td>
-				Privilege escalation to root should not be allowed.<br>
+				Privilege escalation (such as via set-user-ID or set-group-ID file mode) should not be allowed.<br>
 				<br><b>Restricted Fields:</b><br>
-				spec.containers[*].securityContext.privileged<br>
-				spec.initContainers[*].securityContext.privileged<br>
-				<br><b>Allowed Values:</b> false, undefined/nil<br>
+				spec.containers[*].securityContext.allowPrivilegeEscalation<br>
+				spec.initContainers[*].securityContext.allowPrivilegeEscalation<br>
+				<br><b>Allowed Values:</b> false<br>
 			</td>
 		</tr>
 		<tr>