policylibrary: rename to privileges-raise.yaml

Signed-off-by: Djalal Harouni <[email protected]>
cilium · Jan 10, 2024 · bb8d654 · bb8d654
1 parent 17f5673
commit bb8d654
Show file tree

Hide file tree

Showing 2 changed files with 8 additions and 4 deletions.
diff --git a/docs/content/en/docs/policy-library/observability/_index.md b/docs/content/en/docs/policy-library/observability/_index.md
@@ -241,7 +241,7 @@ best-practice to identify when privileges are raised.
 
 ### Policy
 
-The [privileges-setuid-root.yaml](https://raw.githubusercontent.com/cilium/tetragon/main/examples/policylibrary/privileges/privileges-setuid-root.yaml) is a catch all to the various interfaces of `setuid()` and `setgid()` to root.
+The [privileges-raise.yaml](https://raw.githubusercontent.com/cilium/tetragon/main/examples/policylibrary/privileges/privileges-raise.yaml) is a catch all to the various interfaces of `setuid()` and `setgid()` to root.
 
 ### Example jq Filter
 

diff --git a/...ry/privileges/privileges-setuid-root.yaml → ...ylibrary/privileges/privileges-raise.yaml b/...ry/privileges/privileges-setuid-root.yaml → ...ylibrary/privileges/privileges-raise.yaml
@@ -1,5 +1,7 @@
-# This 'privileges-setuid-root' Tracing Policy monitors processes trying
-# to change their uids/gids to user root.
+# This 'privileges-raise' Tracing Policy monitors processes trying
+# to raise their privileges:
+#
+# 1. Change their uids/gids to user root.
 #
 #  __sys_setuid
 #    - __x64_sys_setuid
@@ -53,7 +55,9 @@
 apiVersion: cilium.io/v1alpha1
 kind: TracingPolicy
 metadata:
-  name: "privileges-setuid-root.yaml"
+  name: "privileges-raise"
+  annotations:
+    description: "Detects privileges raising operations"
 spec:
   kprobes:
   - call: "__sys_setuid"