Do Not Allow Sharing Host PID Namespace

Ensure not allowing sharing host PID namespace.

Policy Details

Policy Subtype
Build
Severity
Medium
Template Type
Kubernetes

Build Rules

Do not allow sharing host PID namespace.
JSON Query:
$.spec.template.spec.hostPID is true
Recommendation:
Recommended solution for not sharing host PID namespace.
It is recommended not to sharing host PID namespace. Please make sure "hostPID" has value set to "false".
For example:
"spec": { "hostPID": false, "containers": [ { "name": "pause", "image": "k8s.gcr.io/pause" } ] }

Recommended For You