Bug
Resolution: Done
4.12.z
Quality / Stability / Reliability
In an environment with a lot of custom SCCs, system pods get mapped to custom SCCs
A partner is defining a lot of custom SCCs on their cluster to fulfill their different use cases.
Even though the different SCCs do not necessarily have higher priority values (some do, some don't), many system pods are matched by the custom SCCs instead of by the OpenShift default SCCs. In most cases this is currently not causing issues, but we fear that it may have an impact in the future (for example during upgrades).
The matching happens because of OpenShift's SCC prioritization rules and because the cluster-admin role (which many system pods run with) can use any SCC:
1. The highest priority SCCs are ordered first.
2. If the priorities are equal, the SCCs are sorted from most restrictive to least restrictive.
3. If both the priorities and restrictions are equal, the SCCs are sorted by name.
But this limits their use of custom SCCs. When they create a custom SCC, it is difficult to know whether and why it will be applied to a system pod, and they might only discover later (after a system pod restarts) that the SCC was actually applied to system pods.
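The three ordering rules above, modelled as an added example (not OpenShift's own code) to show why a custom SCC can win over a default one. The SCC set, the `custom-restricted` and `custom-net` names, and the restrictiveness point weights are constructed assumptions; admission validation of the pod against each SCC is ignored.

```python
"""Model of the SCC ordering rules from this ticket (added example; not
OpenShift's code). Restrictiveness points are a constructed approximation,
not the upstream point table, and admission validation is ignored."""
from dataclasses import dataclass
from typing import List, Optional, Sequence


@dataclass(frozen=True)
class SCC:
    name: str
    priority: Optional[int] = None   # unset priority counts as 0
    allow_privileged: bool = False
    host_network: bool = False
    host_pid: bool = False
    run_as_user: str = "MustRunAsRange"  # or "RunAsAny"


def restrictiveness_points(scc: SCC) -> int:
    """Higher = less restrictive (constructed weights, not upstream's)."""
    return (20 * scc.allow_privileged + 10 * scc.host_network
            + 10 * scc.host_pid + 10 * (scc.run_as_user == "RunAsAny"))


def order_sccs(sccs: Sequence[SCC]) -> List[SCC]:
    """Rule 1: highest priority first. Rule 2: most restrictive first.
    Rule 3: name, ascending. A tuple sort key gives exactly this order."""
    return sorted(sccs, key=lambda s: (-(s.priority or 0),
                                       restrictiveness_points(s), s.name))


def admitting_scc(usable: Sequence[SCC]) -> str:
    """For a cluster-admin service account every SCC is usable, so the
    first SCC in the ordering admits the pod (validation assumed to pass)."""
    return order_sccs(usable)[0].name


# Constructed SCC set: two defaults plus two hypothetical custom SCCs
RESTRICTED_V2 = SCC("restricted-v2")
PRIVILEGED = SCC("privileged", allow_privileged=True, host_network=True,
                 host_pid=True, run_as_user="RunAsAny")
# same policy as restricted-v2, no priority: wins purely on name (rule 3)
CUSTOM_SAME = SCC("custom-restricted")
# less restrictive, but an explicit priority beats everything (rule 1)
CUSTOM_HIGH = SCC("custom-net", priority=5, host_network=True)

if __name__ == "__main__":
    for scc in order_sccs([RESTRICTED_V2, PRIVILEGED, CUSTOM_SAME, CUSTOM_HIGH]):
        print(scc.name, scc.priority or 0, restrictiveness_points(scc))
    print("admitting:", admitting_scc([RESTRICTED_V2, PRIVILEGED, CUSTOM_SAME]))
```

On a live cluster the SCC that actually admitted a pod is recorded in the pod's `openshift.io/scc` annotation, which is the quickest way to confirm whether a system pod landed on a custom SCC.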