Merge pull request #22959 from tabbysable/master

k8s-ci-robot · web-flow · commit 713f0f5e3a18 · 2020-08-19T10:29:22.000-07:00
Correct Privilege Escalation section
diff --git a/content/en/docs/concepts/security/pod-security-standards.md b/content/en/docs/concepts/security/pod-security-standards.md
@@ -209,11 +209,11 @@ well as lower-trust users.The following listed controls should be enforced/disal
 		<tr>
 			<td>Privilege Escalation</td>
 			<td>
-				Privilege escalation to root should not be allowed.<br>
+				Privilege escalation (such as via set-user-ID or set-group-ID file mode) should not be allowed.<br>
 				<br><b>Restricted Fields:</b><br>
-				spec.containers[*].securityContext.privileged<br>
-				spec.initContainers[*].securityContext.privileged<br>
-				<br><b>Allowed Values:</b> false, undefined/nil<br>
+				spec.containers[*].securityContext.allowPrivilegeEscalation<br>
+				spec.initContainers[*].securityContext.allowPrivilegeEscalation<br>
+				<br><b>Allowed Values:</b> false<br>
 			</td>
 		</tr>
 		<tr>
