Manages /etc/hosts
| Property | |
|---|---|
| Language |  |
| Severity |  |
Description#
Setting ‘spec.template.spec.hostAliases’ in Kubernetes resource definitions allows manual management of /etc/hosts entries inside containers, overriding default behavior and potentially preventing the container engine from updating this file as needed.
Impact#
Improper management of /etc/hosts can lead to stale or incorrect DNS resolutions within containers, which may cause service disruptions, hinder container communication, or expose the system to man-in-the-middle attacks if host mappings are manipulated.
Resolution#
Do not set ‘spec.template.spec.hostAliases’.