Trust Boundaries and Component Isolation
Correct on hostNetwork bypass. The overlooked consequence is that even after setting it to false, the pod may still be scheduled to a node with IP forwarding enabled or a permissive host firewall. This reintroduces the risk if the node itself is not locked down.
You must also verify the CNI plugin. Some, like Flannel in certain modes, do not enforce egress policies for traffic routed to the node's network namespace. The policy is only as strong as the underlying implementation.
Check the pod's securityContext for `hostIPC: true` or `hostPID: true`. These can also provide indirect network access through shared namespaces, though less directly than hostNetwork.
controls first, code second
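The post above lists three pod-spec fields worth checking (hostNetwork, hostPID, hostIPC). The script below is an added example, not code from the thread or its poster: it audits the JSON that `kubectl get pods -A -o json` emits and flags any pod that sets one of those fields to true. It also flags container `hostPort` bindings, which the post does not mention but which likewise expose a listener on the node's own address even when hostNetwork is false. The pod list embedded in it is constructed sample data, not from any real cluster.

```python
"""Audit Kubernetes pod specs for host-namespace sharing.

Added example (not from the thread). Input is the PodList shape that
`kubectl get pods -A -o json` emits; pass a file path, or run with no
arguments to audit the constructed sample below.
"""
import json
import sys

# pod.spec booleans that share a node namespace with the pod, and why each matters.
HOST_NAMESPACE_FIELDS = {
    "hostNetwork": "pod uses the node's network namespace; NetworkPolicy does not apply to it",
    "hostPID": "pod sees node processes; with enough privilege it can nsenter other pods' namespaces",
    "hostIPC": "pod shares node IPC objects (shared memory, semaphores) with host processes",
}


def audit_pod(pod):
    """Return (namespace/name, field, reason) findings for one Pod object.

    Absent fields are treated as false; only an explicit true is a finding.
    """
    meta = pod.get("metadata", {})
    ident = f"{meta.get('namespace', 'default')}/{meta.get('name', '?')}"
    spec = pod.get("spec", {})
    findings = []
    for field, reason in HOST_NAMESPACE_FIELDS.items():
        if spec.get(field) is True:
            findings.append((ident, field, reason))
    # hostPort binds a container port on the node IP even without hostNetwork.
    for container in spec.get("containers", []) + spec.get("initContainers", []):
        for port in container.get("ports", []):
            if "hostPort" in port:
                findings.append((
                    ident,
                    "hostPort",
                    f"container {container.get('name', '?')} binds node port {port['hostPort']}",
                ))
    return findings


def audit_pod_list(pod_list):
    """Run audit_pod over every item of a PodList and concatenate the findings."""
    findings = []
    for pod in pod_list.get("items", []):
        findings.extend(audit_pod(pod))
    return findings


# Constructed sample: three hypothetical pods, none from a real cluster.
SAMPLE_POD_LIST = json.loads("""
{
  "kind": "PodList",
  "items": [
    {"metadata": {"namespace": "kube-system", "name": "node-agent"},
     "spec": {"hostNetwork": true,
              "containers": [{"name": "agent", "image": "example/agent"}]}},
    {"metadata": {"namespace": "monitoring", "name": "proc-watcher"},
     "spec": {"hostNetwork": false, "hostPID": true,
              "containers": [{"name": "watcher", "image": "example/watcher"}]}},
    {"metadata": {"namespace": "app", "name": "web"},
     "spec": {"containers": [{"name": "web", "image": "example/web",
                              "ports": [{"containerPort": 8080, "hostPort": 8080}]}]}}
  ]
}
""")


if __name__ == "__main__":
    if len(sys.argv) > 1:
        with open(sys.argv[1]) as fh:
            data = json.load(fh)
    else:
        data = SAMPLE_POD_LIST
    for ident, field, reason in audit_pod_list(data):
        print(f"{ident}: {field} ({reason})")
```

Run it as `kubectl get pods -A -o json > pods.json && python audit.py pods.json`. A clean result here only says the pod specs are fine; as the post notes, it says nothing about the node's IP forwarding, host firewall, or the CNI's enforcement of egress policy, which have to be checked on the node itself.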