A privileged container is given access to all devices on the host and can work at the kernel level. It is declared using the Pod.spec.containers[].securityContext.privileged attribute. This may be useful for infrastructure containers that perform setup work on the host, but is a dangerous attack vector.
Minimize the use of privileged containers.
Use Pod Security Policies to enforce using privileged: false policy.