github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/kubernetes/general/AVD-KSV-0026/docs.md

github.com/aquasecurity/trivy-iac@v0.8.1-0.20240127024015-3d8e412cf0ab/avd_docs/kubernetes/general/AVD-KSV-0026/docs.md (about)

     1  
     2  Sysctls can disable security mechanisms or affect all containers on a host, and should be disallowed except for an allowed 'safe' subset. A sysctl is considered safe if it is namespaced in the container or the Pod, and it is isolated from other Pods or processes on the same Node.
     3  
     4  ### Impact
     5  <!-- Add Impact here -->
     6  
     7  <!-- DO NOT CHANGE -->
     8  {{ remediationActions }}
     9  
    10  ### Links
    11  - https://kubernetes.io/docs/concepts/security/pod-security-standards/#baseline
    12  
    13