d330226a95
Merge remote-tracking branch 'upstream/main' into dev-1.23
2021-11-17 12:55:09 -05:00
e50ce5f269
PodSecurity: runAsUser
2021-10-28 11:21:02 -04:00
b1d1fc369e
Minor typo corrections and improvements for 'Overview of Cloud Native Security' page ( #30185 )
...
* Update overview.md
Minor typo corrections and improvements.
* Update overview.md
* Fix broken link
2021-10-27 05:53:25 -07:00
dad01370f8
add kyverno and fix OPA/GK link
...
Signed-off-by: Jim Bugwadia <jim@nirmata.com>
2021-08-18 11:07:02 -07:00
08387d8434
add kubewarden as an alternative to enforce security profiles
...
add third-party content shortcode and list
2021-08-10 07:41:30 -07:00
af2f72ad59
Windows HostProcess Container Documentation ( #28413 )
...
* Rebasing HostProcess security changes.
* Incorporated initial round of feedback
* Minor wording updates
* Finished up remaining todo items
* Apply suggestions from code review
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
Co-authored-by: Mark Rossetti <marosset@microsoft.com>
* Moved HostProcess security documentation into PSS and create-host-process-pod docs
* Updated with for James' review
* Apply suggestions from code review
Co-authored-by: Tim Bannister <tim@scalefactory.com>
Co-authored-by: James Sturtevant <jsturtevant@gmail.com>
* Minor edits
* Modifications for additional feedback
Co-authored-by: Jordan Liggitt <jordan@liggitt.net>
Co-authored-by: Mark Rossetti <marosset@microsoft.com>
Co-authored-by: Tim Bannister <tim@scalefactory.com>
Co-authored-by: James Sturtevant <jsturtevant@gmail.com>
2021-07-27 00:50:45 -07:00
e0d4b53b1c
incorporating initial round of feedback
2021-07-21 15:33:46 +00:00
37dd90d81a
feature: Pod Security Standards documentation
2021-07-12 12:53:36 +00:00
b3aef35da7
Use shortcode for PodSecurityPolicy examples
2021-06-19 01:47:52 +01:00
dcd2dd4852
Update SELinux standards ( #27653 )
...
* Update SELinux standards
* address feedback
2021-05-14 11:19:59 -07:00
6645f390f6
Remove "defalut" from the baseline policy name
2021-02-16 11:36:36 -08:00
70eba58d3b
Contex to Context
2020-09-19 16:48:42 +05:30
70b75e16f0
Merge pull request #22981 from shuuji3/en/replace-special-quote-with-normal-ones
...
Replace special quote characters with normal ones
2020-08-26 14:55:02 -07:00
95c94c03d5
resolving conflicts
2020-08-23 12:13:37 -04:00
c6a96128c4
Replace special quote characters with normal ones.
2020-08-11 21:05:22 +09:00
0a861ca7c0
use traditional UNIX language
...
Refer to the 02000 and 04000 bits in file permissions as "set-user-ID mode" and "set-group-ID mode", as the UNIX manuals have done since 4th edition per suggestion by sftim
2020-08-06 21:55:41 -05:00
aa8e0d6677
Correct Privilege Escalation section
2020-08-04 14:23:42 -05:00
e2a861c2f9
Merge remote-tracking branch 'upstream/master' into dev-1.19
2020-07-27 19:10:42 -04:00
3ad7ea77f1
Add documentation for generally available seccomp functionality
...
Signed-off-by: hasheddan <georgedanielmangum@gmail.com>
2020-07-20 13:51:17 -05:00
259655797b
Remove container level supplementalGroups and fsgroup
2020-07-02 11:07:24 -07:00
29f3c2858c
Merge pull request #21591 from scottstout/master
...
Changed whitelist to allowlist and blacklist to denylist.
2020-06-10 16:12:56 -07:00
ecc27bbbe7
add en pages
2020-06-09 19:33:15 -04:00
e38b9dc9c6
revised to minumize usage of whitelist/blacklist
2020-06-09 14:14:52 -05:00
9065e168f0
Minor cleanup of standardized pod security
2020-06-04 11:22:52 -07:00
44db1a13c9
Add missing PSP restrictions to standard security profiles
2020-06-02 17:13:12 -07:00
75652e8585
Standardized pod security profiles
2020-05-20 16:54:37 -07:00
Jesse Butler
Jordan Liggitt
Guilherme Macedo
Jim Bugwadia
Rey Lejano
Brandon Smith
Samuel Roth
Tim Bannister
Tim Allclair
Tej-Singh-Rana
Kubernetes Prow Robot
Savitha Raghunathan
TAKAHASHI Shuuji
Tabitha Sable
hasheddan
Sertaç Özercan
Karen Bradshaw
Scott Stout
Tim Allclair