Kubernetes finally lands user namespace support, but shared kernel problem remains

Kubernetes has shipped user namespace support for pods, a long-awaited security feature. This improves security but a shared kernel problem remains. User namespace support allows for better isolation between pods. This is a significant improvement for security-conscious users. Further work is needed to address the shared kernel issue.