# Host Namespace Access Enabled

- ID: kubernetes-host-access
- Severity: CRITICAL
- CWE: CWE-250 (CWE-250)
- Languages: YAML
- Frameworks: kubernetes

## Description

Detects pods configured to access host namespaces (network, PID, or IPC).

## Detection Message

Pod is configured to access host namespaces (network, PID, or IPC).

## Remediation

Remove or disable host namespace access.

```yaml
spec:
  hostNetwork: false
  hostPID: false
```

Learn more: https://shoulder.dev/learn/kubernetes/cwe-250/host-access

## Documentation

[object Object]

## Related Rules

- **Container runs as root** [HIGH]: 
- **Docker User and File Permissions** [HIGH]: 
- **Privilege Escalation Allowed** [HIGH]: 
- **Dangerous Linux Capabilities Added** [CRITICAL]: 
- **Missing Capability Restrictions** [MEDIUM]: