InformationDeny execution of exec and attach commands in privileged pods.
Setting admission control policy to DenyEscalatingExec denies exec and attach commands to pods that run with escalated privileges that allow host access. This includes pods that run as privileged, have access to the host IPC namespace, and have access to the host PID namespace.
SolutionEdit the API server pod specification file /etc/kubernetes/manifests/kube-apiserver.yaml on the master node and set the --enable-admission-plugins parameter to a value that includes DenyEscalatingExec.
'exec' and 'attach' commands will not work in privileged pods.