Docker Container running as root user
17 views
Skip to first unread message
webmas...@gmail.com
Jan 26, 2023, 5:40:50 PM1/26/23
to Review Board Community
Hi,
I'm running the https://github.com/docker/docker-bench-security script. Which says that your Docker container is running with the user 'root', which is NOT advised!
I notice you already create a dedicated user in your Dockerfile. But (almost) at the end of the the Dockerfile (after you did all the COPY stuff..) it might be wise to change the default user, like in your Dockerfile:
USER reviewboard
WORKDIR /site
Output logging of docker-bench-security.sh:
---
[INFO] 4 - Container Images and Build File
[WARN] 4.1 - Ensure that a user for the container has been created (Automated)
[WARN] * Running as root: docker-reviewboard-1
---
[WARN] 4.1 - Ensure that a user for the container has been created (Automated)
[WARN] * Running as root: docker-reviewboard-1
---
Anyway, you can run docker-bench-security for yourself as well.
Regards,
Melroy van den Berg
Reply all
Reply to author
Forward
0 new messages