Back

Configure the "hostIPC" flag to organizational standards.


CONTROL ID
14643
CONTROL TYPE
Configuration
CLASSIFICATION
Preventive

SUPPORTING AND SUPPORTED CONTROLS



This Control directly supports the implied Control(s):
  • Configure "Kubernetes" to organizational standards., CC ID: 14528

There are no implementation support Controls.


SELECTED AUTHORITY DOCUMENTS COMPLIED WITH



  • Minimize the admission of containers wishing to share the host IPC namespace Description: Do not generally permit containers to be run with the `hostIPC` flag set to true. Rationale: A container running in the host's IPC namespace can use IPC to interact with processes outside the container. There s… (5.2.3, The Center for Internet Security Kubernetes Level 1 Master Node Benchmark, v 1.6.0)
  • Minimize the admission of containers wishing to share the host IPC namespace Description: Do not generally permit containers to be run with the `hostIPC` flag set to true. Rationale: A container running in the host's IPC namespace can use IPC to interact with processes outside the container. There s… (5.2.3, The Center for Internet Security Kubernetes Level 2 Master Node Benchmark, v 1.6.0)