diff --git a/package/cfg/k3s-cis-1.23-hardened/policies.yaml b/package/cfg/k3s-cis-1.23-hardened/policies.yaml index 92216e4a..4616ff72 100644 --- a/package/cfg/k3s-cis-1.23-hardened/policies.yaml +++ b/package/cfg/k3s-cis-1.23-hardened/policies.yaml @@ -152,8 +152,8 @@ groups: text: "Minimize the admission of containers with capabilities assigned (Manual)" type: "manual" remediation: | - Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + Review the use of capabilities in applications running on your cluster. Where a namespace + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/package/cfg/k3s-cis-1.23-permissive/policies.yaml b/package/cfg/k3s-cis-1.23-permissive/policies.yaml index 2028260f..dc62b4fd 100644 --- a/package/cfg/k3s-cis-1.23-permissive/policies.yaml +++ b/package/cfg/k3s-cis-1.23-permissive/policies.yaml @@ -152,8 +152,8 @@ groups: text: "Minimize the admission of containers with capabilities assigned (Manual)" type: "manual" remediation: | - Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + Review the use of capabilities in applications running on your cluster. Where a namespace + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/package/cfg/k3s-cis-1.24-hardened/policies.yaml b/package/cfg/k3s-cis-1.24-hardened/policies.yaml index b59afc67..3ab3eb4b 100644 --- a/package/cfg/k3s-cis-1.24-hardened/policies.yaml +++ b/package/cfg/k3s-cis-1.24-hardened/policies.yaml @@ -152,8 +152,8 @@ groups: text: "Minimize the admission of containers with capabilities assigned (Manual)" type: "manual" remediation: | - Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + Review the use of capabilities in applications running on your cluster. Where a namespace + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/package/cfg/k3s-cis-1.24-permissive/policies.yaml b/package/cfg/k3s-cis-1.24-permissive/policies.yaml index b59afc67..3ab3eb4b 100644 --- a/package/cfg/k3s-cis-1.24-permissive/policies.yaml +++ b/package/cfg/k3s-cis-1.24-permissive/policies.yaml @@ -152,8 +152,8 @@ groups: text: "Minimize the admission of containers with capabilities assigned (Manual)" type: "manual" remediation: | - Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + Review the use of capabilities in applications running on your cluster. Where a namespace + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/package/cfg/k3s-cis-1.7-hardened/policies.yaml b/package/cfg/k3s-cis-1.7-hardened/policies.yaml index 608f26f2..7d211076 100644 --- a/package/cfg/k3s-cis-1.7-hardened/policies.yaml +++ b/package/cfg/k3s-cis-1.7-hardened/policies.yaml @@ -191,8 +191,8 @@ groups: text: "Minimize the admission of containers with capabilities assigned (Manual)" type: "manual" remediation: | - Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + Review the use of capabilities in applications running on your cluster. Where a namespace + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/package/cfg/k3s-cis-1.7-permissive/policies.yaml b/package/cfg/k3s-cis-1.7-permissive/policies.yaml index 4751621c..030e1f21 100644 --- a/package/cfg/k3s-cis-1.7-permissive/policies.yaml +++ b/package/cfg/k3s-cis-1.7-permissive/policies.yaml @@ -199,8 +199,8 @@ groups: text: "Minimize the admission of containers with capabilities assigned (Manual)" type: "manual" remediation: | - Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + Review the use of capabilities in applications running on your cluster. Where a namespace + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/package/cfg/k3s-cis-1.8-hardened/policies.yaml b/package/cfg/k3s-cis-1.8-hardened/policies.yaml index c7e7199c..dc0e6b3a 100644 --- a/package/cfg/k3s-cis-1.8-hardened/policies.yaml +++ b/package/cfg/k3s-cis-1.8-hardened/policies.yaml @@ -191,8 +191,8 @@ groups: text: "Minimize the admission of containers with capabilities assigned (Manual)" type: "manual" remediation: | - Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + Review the use of capabilities in applications running on your cluster. Where a namespace + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false diff --git a/package/cfg/k3s-cis-1.8-permissive/policies.yaml b/package/cfg/k3s-cis-1.8-permissive/policies.yaml index 7c8fc810..41625364 100644 --- a/package/cfg/k3s-cis-1.8-permissive/policies.yaml +++ b/package/cfg/k3s-cis-1.8-permissive/policies.yaml @@ -199,8 +199,8 @@ groups: text: "Minimize the admission of containers with capabilities assigned (Manual)" type: "manual" remediation: | - Review the use of capabilites in applications running on your cluster. Where a namespace - contains applicaions which do not require any Linux capabities to operate consider adding + Review the use of capabilities in applications running on your cluster. Where a namespace + contains applications which do not require any Linux capabities to operate consider adding a PSP which forbids the admission of containers which do not drop all capabilities. scored: false