Do not admit containers with docker socket bind mount

This can be used for to leak information, privilege escalation, and to manage containers outside of Kubernetes.