Skip to content

Host Ports description at Pod Security Standards contradicts spec for that field #44315

New issue
New issue
Open
Open
Host Ports description at Pod Security Standards contradicts spec for that field#44315
Labels
kind/bugCategorizes issue or PR as related to a bug.language/enIssues or PRs related to English languagelifecycle/staleDenotes an issue or PR has remained open with no activity and has become stale.needs-triageIndicates an issue or PR lacks a `triage/foo` label and requires one.sig/authCategorizes an issue or PR as relevant to SIG Auth.
@joebowbeer

Description

@joebowbeer
joebowbeer
opened on Dec 12, 2023

This is a Bug Report

Problem:
The Host Ports baseline Pod Security Standard lists 0 as one of the allowed values, but the Container spec excludes the value 0. According to the container spec, the hostPort must be in the range 0 < x < 65536.

  • ports.hostPort (int32)
    Number of port to expose on the host. If specified, this must be a valid port number, 0 < x < 65536.

Proposed Solution:
In the Host Ports baseline policy spec, either remove 0 from the allowed list, or add an explanation as to why 0 should be allowed even though it is not in the valid range.

Page to Update:
https://kubernetes.io/docs/concepts/security/pod-security-standards

Metadata

Metadata

Assignees

No one assigned

    Labels

    kind/bugCategorizes issue or PR as related to a bug.language/enIssues or PRs related to English languagelifecycle/staleDenotes an issue or PR has remained open with no activity and has become stale.needs-triageIndicates an issue or PR lacks a `triage/foo` label and requires one.sig/authCategorizes an issue or PR as relevant to SIG Auth.

    Type

    No type

    Projects

    SIG Auth

    Status

    Backlog

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions