Risks

Overlapping UIDs Between Kubernetes Containers and Host VM

Assigning the same UID to a container and to a user on the host VM creates a privilege escalation risk. If an attacker compromises a container whose UID matches a host user's UID, they could inherit that user's permissions on the host VM, allowing them to compromise the system further.

When containers run with default UIDs, such as root (UID 0) or common user IDs like 1000, there is a risk of overlap with host VM users. This overlap can grant an attacker who breaks out of the container host-level privileges, especially when the container runs as a UID that has elevated rights on the host.

To mitigate this risk, it is essential to assign unique UIDs that do not overlap with those on the host VM.
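The following audit script is an added example, not code from the original page. It resolves the UID each container in a pod will run as (the real Kubernetes `securityContext.runAsUser` field, with the container-level value overriding the pod-level one, and an assumed fall-back to UID 0 when neither the manifest nor the image sets a user) and flags any container whose UID also appears in the host VM's `/etc/passwd`. Without user namespaces, a container's UID is the same UID on the host kernel, so this 1:1 comparison is exactly the overlap the text warns about. The `/etc/passwd` contents, pod names and images are constructed sample data; `WEAK_POD` shows the default-UID setting and `HARDENED_POD` shows the mitigation of a high, host-unique UID together with `runAsNonRoot`.

```python
"""Audit Kubernetes pod specs for container UIDs that collide with host VM UIDs.

Added example (not from the original page). Assumes the auditor can read the
host's /etc/passwd and has pod manifests loaded as Python dicts (for example
from `kubectl get pod -o json`).
"""
from typing import Dict, List, Optional

# Constructed sample of a host VM's /etc/passwd (not a real system).
HOST_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
ubuntu:x:1000:1000:Ubuntu:/home/ubuntu:/bin/bash
kubelet-svc:x:1001:1001::/var/lib/kubelet:/usr/sbin/nologin
"""


def host_uids(passwd_text: str) -> Dict[int, str]:
    """Map every UID listed in a passwd file to its user name."""
    uids: Dict[int, str] = {}
    for line in passwd_text.splitlines():
        if not line or line.startswith("#"):
            continue
        fields = line.split(":")
        if len(fields) < 3:
            continue
        uids[int(fields[2])] = fields[0]
    return uids


def effective_uid(pod: dict, container: dict) -> Optional[int]:
    """Resolve the UID a container runs as.

    Container-level securityContext.runAsUser overrides the pod-level value.
    If neither is set, the image's USER directive applies; images without one
    run as root, so this example assumes UID 0 in that case.
    """
    c_ctx = container.get("securityContext") or {}
    p_ctx = pod.get("spec", {}).get("securityContext") or {}
    if "runAsUser" in c_ctx:
        return c_ctx["runAsUser"]
    if "runAsUser" in p_ctx:
        return p_ctx["runAsUser"]
    return 0  # assumption: no USER in the image, runtime defaults to root


def find_overlaps(pod: dict, passwd_text: str) -> List[str]:
    """Return one finding per container whose UID matches a host user."""
    hosts = host_uids(passwd_text)
    findings: List[str] = []
    name = pod.get("metadata", {}).get("name", "<unnamed>")
    for c in pod["spec"].get("containers", []):
        uid = effective_uid(pod, c)
        if uid in hosts:
            findings.append(
                f"{name}/{c['name']}: UID {uid} overlaps host user '{hosts[uid]}'"
            )
    return findings


# Weak pod (constructed): no pod-level securityContext, so "app" runs as
# root (UID 0) and "sidecar" reuses the common desktop UID 1000.
WEAK_POD = {
    "metadata": {"name": "web-weak"},
    "spec": {
        "containers": [
            {"name": "app", "image": "example/app:1.0"},
            {"name": "sidecar", "image": "example/sidecar:1.0",
             "securityContext": {"runAsUser": 1000}},
        ]
    },
}

# Hardened pod (constructed): a high UID that exists on no host account,
# plus runAsNonRoot so the kubelet refuses to start a root container.
HARDENED_POD = {
    "metadata": {"name": "web-hardened"},
    "spec": {
        "securityContext": {"runAsUser": 10001, "runAsGroup": 10001,
                            "runAsNonRoot": True, "fsGroup": 10001},
        "containers": [
            {"name": "app", "image": "example/app:1.0"},
            {"name": "sidecar", "image": "example/sidecar:1.0"},
        ],
    },
}

if __name__ == "__main__":
    for pod in (WEAK_POD, HARDENED_POD):
        for finding in find_overlaps(pod, HOST_PASSWD) or ["no overlaps"]:
            print(finding)
```

Run against the constructed data, the weak pod produces two findings (UID 0 matching `root` and UID 1000 matching `ubuntu`) while the hardened pod produces none. In a real cluster the same check can be fed the node's actual `/etc/passwd` and the output of `kubectl get pods -A -o json`; any UID chosen for containers should stay outside the range the host's user-management tooling allocates, and `runAsNonRoot: true` enforces that the UID-0 default can never be reached.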