When a Dockerfile does not specify a USER, Docker containers run with super user privileges by
default. These super user privileges are propagated to the code running inside the container, which is
usually more permission than necessary
To modify a docker container to use a non-root user, the Dockerfile needs to specify a different user, such
as:
RUN useradd myLowPrivilegeUser
USER myLowPrivilegeUser
When a Dockerfile does not specify a USER, Docker containers run with super user privileges by default. These super user privileges are propagated to the code running inside the container, which is usually more permission than necessary
To modify a docker container to use a non-root user, the Dockerfile needs to specify a different user, such as: RUN useradd myLowPrivilegeUser USER myLowPrivilegeUser