Kubernetes changes the container escape question.
From inside a pod, the first objective is often not direct host escape. It is Kubernetes API access through the pod's service account.
Detection
Check for Kubernetes environment variables:
env | grep -i kubernetes
Check service account files:
ls -la /var/run/secrets/kubernetes.io/serviceaccount
cat /var/run/secrets/kubernetes.io/serviceaccount/namespace
Common files:
/var/run/secrets/kubernetes.io/serviceaccount/token
/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
/var/run/secrets/kubernetes.io/serviceaccount/namespace
API Access
Set variables:
TOKEN=$(cat /var/run/secrets/kubernetes.io/serviceaccount/token)
CA=/var/run/secrets/kubernetes.io/serviceaccount/ca.crt
API="https://${KUBERNETES_SERVICE_HOST}:${KUBERNETES_SERVICE_PORT}"
Check API:
curl --cacert "$CA" -H "Authorization: Bearer $TOKEN" "$API/version"
Get namespace:
NS=$(cat /var/run/secrets/kubernetes.io/serviceaccount/namespace)
List pods if permitted:
curl --cacert "$CA" -H "Authorization: Bearer $TOKEN" \
"$API/api/v1/namespaces/$NS/pods"
With kubectl
If kubectl is available:
kubectl auth can-i --list
kubectl get pods
kubectl get secrets
kubectl get serviceaccounts
Check specific high-impact permissions:
kubectl auth can-i create pods
kubectl auth can-i get secrets
kubectl auth can-i create pods/exec
kubectl auth can-i list nodes
kubectl auth can-i '*' '*'
High-Impact Permissions
High-value Kubernetes permissions include:
get/list/watch secrets
create pods
create pods/exec
create pods/attach
create daemonsets
create deployments
patch pods
use privileged pod security policy / privileged admission path
list nodes
get nodes/proxy
impersonate users/groups/serviceaccounts
Impact depends on cluster policy.
For example, create pods becomes much more serious if the namespace allows privileged pods or hostPath mounts.
Pod-To-Node Paths
Possible paths from Kubernetes permissions to node impact:
- Create privileged pod
- Mount hostPath
/ - Use host PID namespace
- Use host network namespace
- Deploy daemonset to nodes
- Read node credentials or kubelet files
- Abuse overly broad service account tokens
These are Kubernetes misconfigurations, not generic Docker escapes.
Remediation
- Disable automatic service account token mounting where not needed.
- Use least-privilege RBAC.
- Do not grant broad
get secretspermissions. - Prevent untrusted workloads from creating privileged pods.
- Restrict hostPath mounts.
- Restrict host PID, host IPC, and host network.
- Use admission controls and Pod Security Standards.
- Separate namespaces by trust level.
- Rotate exposed service account tokens.
- Monitor Kubernetes API calls from pods.
Inside Kubernetes, the API server is often the real control plane.