make security policy explicit in the k8s example as per helm chart

2020-10-03 10:35:05 +02:00 · 2020-10-03 10:35:05 +02:00 · b84118dd88
commit b84118dd88
parent 6ab53b4699
1 changed files with 4 additions and 2 deletions
--- a/README.md
+++ b/README.md
@ -75,7 +75,7 @@ spec:
        command: ['65534:82', '/mnt']
        securityContext:
          runAsUser: 0
-          readOnlyRootFilesystem: True
+          readOnlyRootFilesystem: true
        volumeMounts:
        - mountPath: /mnt
          name: privatebin-data
@ -93,7 +93,9 @@ spec:
        securityContext:
          runAsUser: 65534
          runAsGroup: 82
-          readOnlyRootFilesystem: True
+          readOnlyRootFilesystem: true
+          privileged: false
+          allowPrivilegeEscalation: false
        livenessProbe:
          httpGet:
            path: /