Optional. Default false
. If set to true
, the task will
run with full capabilities, as determined by the Garden backend the task runs
on. For Linux-based backends it typically determines whether or not the
container will run in a separate user namespace, and whether the root
user is "actual" root
(if set to true
) or a user namespaced
root
(if set to false
, the default).
This is a gaping security hole; use wisely and only if necessary. This is not part of the task configuration to prevent privilege escalation via pull requests.