From ad7c2efd45d01d70956a815841e719a20a1cb407 Mon Sep 17 00:00:00 2001 From: Andy Pitcher Date: Fri, 10 Jan 2025 14:39:31 +0100 Subject: [PATCH] Fix 5.2.6 remediation --- cfg/cis-1.10/policies.yaml | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/cfg/cis-1.10/policies.yaml b/cfg/cis-1.10/policies.yaml index 93ccd94d0..eee0163a1 100644 --- a/cfg/cis-1.10/policies.yaml +++ b/cfg/cis-1.10/policies.yaml @@ -369,9 +369,9 @@ groups: value: true remediation: | Add policies to each namespace in the cluster which has user workloads to restrict the - admission of containers with `.spec.allowPrivilegeEscalation` set to `true`. - Audit: the audit retrieves each Pod's container(s) `.spec.allowPrivilegeEscalation`. - Condition: is_compliant is false if container's `.spec.allowPrivilegeEscalation` is set to `true`. + admission of containers with `.securityContext.allowPrivilegeEscalation` set to `true`. + Audit: the audit retrieves each Pod's container(s) `.securityContext.allowPrivilegeEscalation`. + Condition: is_compliant is false if container's `.securityContext.allowPrivilegeEscalation` is set to `true`. Default: If notset, privilege escalation is allowed (default to true). However if PSP/PSA is used with a `restricted` profile, privilege escalation is explicitly disallowed unless configured otherwise. scored: false
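Review bot: the corrected path `.securityContext.allowPrivilegeEscalation` is relative to a single container, so the Audit and Condition lines should state which container lists are walked; the full path `.spec.containers[*].securityContext.allowPrivilegeEscalation` on its own leaves out `initContainers` and `ephemeralContainers`, which carry their own `securityContext` and can set `allowPrivilegeEscalation: true` just the same, so either name all three lists in the Audit text (e.g. "each Pod's containers, initContainers and ephemeralContainers") or say explicitly that only app containers are evaluated. While this block is being edited, the unchanged Default line has two typos worth fixing in the same patch: "If notset" should read "If not set", and "(default to true)" should read "(defaults to true)".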