apiVersion: v1
kind: Pod
metadata:
  name: bad-pod-3
  namespace: default
spec:
  containers:
  - name: nginx
    image: nginx
    args:
    - sleep
    - 1d
    securityContext:
      seccompProfile:
        type: RuntimeDefault
      runAsNonRoot: false
      allowPrivilegeEscalation: false
      capabilities:
        drop:
        - ALL