diff options
author | Valerij Fredriksen <valerijf@verizonmedia.com> | 2020-03-04 11:04:49 +0100 |
---|---|---|
committer | Valerij Fredriksen <valerijf@verizonmedia.com> | 2020-03-04 11:04:49 +0100 |
commit | 734fe0e9a6efb5a8d6174d9313fbcca0b4c64cfb (patch) | |
tree | 72e02e240a0c34c3a20f82a05c2e77723ab879d7 /flags | |
parent | b25f86aec251643031cb760bfa810318f177daba (diff) |
Set no-new-privileges security option on container if flag is set
Diffstat (limited to 'flags')
-rw-r--r-- | flags/src/main/java/com/yahoo/vespa/flags/Flags.java | 6 |
1 files changed, 3 insertions, 3 deletions
diff --git a/flags/src/main/java/com/yahoo/vespa/flags/Flags.java b/flags/src/main/java/com/yahoo/vespa/flags/Flags.java index 05953f7d5b7..8fb3b2af4f6 100644 --- a/flags/src/main/java/com/yahoo/vespa/flags/Flags.java +++ b/flags/src/main/java/com/yahoo/vespa/flags/Flags.java @@ -200,9 +200,9 @@ public class Flags { public static final UnboundBooleanFlag RESTRICT_ACQUIRING_NEW_PRIVILEGES = defineFeatureFlag( "restrict-acquiring-new-privileges", false, - "Whether docker daemon should restrict containers from acquiring new privileges", - "Takes effect on next host admin tick", - HOSTNAME); + "Whether docker container processes should be prevented from acquiring new privileges", + "Takes effect on container creation", + APPLICATION_ID, HOSTNAME); public static final UnboundListFlag<String> AUDITED_PATHS = defineListFlag( "audited-paths", List.of(), String.class, |