What would you like to be added:

Kubernetes 1.33+ offers user namespaces which further isolates users from the system and other pods on the same host.

It would be helpful to explicitly set hostUsers: true where host privileges are required and allow setting hostUsers: false on parts that can have full isolation.

In my experience with kubernetes, explicit is always better than implicit.

Why is this needed:

At some point hostUsers default setting will become user customizable. When this happens a number of folks will set this enable user namespaces by default. Explicitly setting pods that require elevated host permissions will both clearly document the required permission set and prevent unexpected "foot guns".

Note: hostUsers: false is incompatible with kind.