diff --git a/manifests/scc/scc-restricted-hostpath-privesc.yaml b/manifests/scc/scc-restricted-hostpath-privesc.yaml
index 991bd0b..28c0989 100644
--- a/manifests/scc/scc-restricted-hostpath-privesc.yaml
+++ b/manifests/scc/scc-restricted-hostpath-privesc.yaml
@@ -1,13 +1,13 @@
 apiVersion: security.openshift.io/v1
 kind: SecurityContextConstraints
 metadata:
- name: restricted-hostpath-privesc
+ name: restricted-hostpath-privesc # this scc allows hostPath and allowPrivilegeEscalation
 allowHostDirVolumePlugin: true
 allowHostIPC: false
 allowHostNetwork: false
 allowHostPID: false
 allowHostPorts: false
-allowPrivilegeEscalation: false
+allowPrivilegeEscalation: true
 allowPrivilegedContainer: false
 allowedCapabilities:
 - CHOWN
diff --git a/manifests/scc/scc-restricted-hostpath.yaml b/manifests/scc/scc-restricted-hostpath.yaml
index bb939e9..7ea899a 100644
--- a/manifests/scc/scc-restricted-hostpath.yaml
+++ b/manifests/scc/scc-restricted-hostpath.yaml
@@ -2,12 +2,12 @@
 apiVersion: security.openshift.io/v1
 kind: SecurityContextConstraints
 metadata:
 name: restricted-hostpath
-allowHostDirVolumePlugin: true # Needed for /dev/dri hostPath
+allowHostDirVolumePlugin: true #this scc allows hostPath
 allowHostIPC: false
 allowHostNetwork: false
 allowHostPID: false
 allowHostPorts: false
-allowPrivilegeEscalation: true
+allowPrivilegeEscalation: false
 allowPrivilegedContainer: false
 allowedCapabilities:
 - CHOWN
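Review bot: Nothing in the hunk records why privilege escalation is needed or who is allowed to use it, and `allowPrivilegeEscalation: true` next to `allowHostDirVolumePlugin: true` (with CHOWN in `allowedCapabilities`) is a node-compromise primitive if this SCC ends up bound to a broad group — a pod can mount a node path and drop a setuid binary on it. The new inline comment on `metadata.name` only restates the two flags; a more useful comment, placed above `allowPrivilegeEscalation`, would be `# WARNING: hostPath + privilege escalation lets a pod plant setuid binaries on node paths; bind this SCC only to the specific service account that needs it`. If the rest of the SCC does not already pin `users`/`groups`, `runAsUser` and `seLinuxContext` (they are outside the hunk), consider adding `defaultAllowPrivilegeEscalation: false` so pods must opt in explicitly rather than inheriting escalation by default. Minor style point: yamllint's comments rule wants two spaces before an inline `#` and one after it.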
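Review bot: The rewritten comment on `allowHostDirVolumePlugin` drops the actual justification ("Needed for /dev/dri hostPath") and replaces it with a restatement of the flag, so the next reviewer can no longer tell whether hostPath is still required or for what. Keep the rationale, e.g. `allowHostDirVolumePlugin: true  # this SCC allows hostPath (needed for /dev/dri)`, which also fixes the `#this` spacing that yamllint's comments rule rejects. Because `allowHostDirVolumePlugin: true` permits any host path — the SCC schema, as far as I know, has no path allow-list — this comment is the only place the intended scope (`/dev/dri`) is recorded; if a device plugin can expose the GPU node instead, that would be the safer route. The `users`/`groups` binding and `runAsUser` strategy for this SCC are outside the hunk.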