deis / postgres

A PostgreSQL database used by Deis Workflow.
https://deis.com
MIT License

Run as non-root user #42

Closed krancour closed 8 years ago

krancour commented 8 years ago

This is a best practice that we should follow wherever we can. In this case, it's probably pretty easy since it would appear that all the processes are already owned by user postgres.

bacongobbler commented 8 years ago

We already are running as non-root. Closing!

krancour commented 8 years ago

@bacongobbler the processes that are running may be running as root, but if you exec into the container, you are root. That's not good.

bacongobbler commented 8 years ago

The only way an attacker can exec into the container is through two points: postgres itself and kubernetes. With the former, you're always running as the postgres user so the attack surface there is reduced to the database, but an attacker should not be able to gain root privileges in the container. If an attacker is able to access kubernetes, then you've got bigger problems because that should not be exposed to the internet.
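The distinction the thread turns on is between the user the database processes run as and the user a `docker exec` or `kubectl exec` lands in: an image whose Dockerfile never sets `USER` (or ends on `USER root`) keeps uid 0 as the container user even when the entrypoint drops to `postgres` for the server process. The following shell script is an added example, not code from the deis/postgres repository: it lints a Dockerfile for its effective final user, and the sample "before" and "after" Dockerfiles in it are constructed for illustration, with `postgres:9.5` as the base and the existence of a `postgres` user in that base as assumptions.

```shell
#!/bin/sh
# Added example; not code from the deis/postgres project.
# Docker starts each build stage as the base image's user (assumed here to be
# root) and the last USER instruction in the stage wins, so a Dockerfile with no
# USER, or a trailing "USER root", produces a container in which "kubectl exec"
# or "docker exec" gives a root shell even if the entrypoint drops privileges.

# Print the effective user of the final stage of the Dockerfile read on stdin.
dockerfile_effective_user() {
  awk '
    /^[ \t]*#/ { next }                                        # skip comment lines
    toupper($1) == "FROM" { user = "root" }                    # new stage: back to the base default (assumed root)
    toupper($1) == "USER" { user = $2; sub(/:.*/, "", user) }  # last USER wins; drop an optional ":group"
    END { print (user == "" ? "root" : user) }
  '
}

# Exit 0 if the Dockerfile on stdin ends in a non-root user, 1 otherwise.
# Both the name "root" and the numeric uid 0 count as root.
dockerfile_is_nonroot() {
  u=$(dockerfile_effective_user)
  [ "$u" != "root" ] && [ "$u" != "0" ]
}

# Constructed sample Dockerfiles for the check; not the project's real Dockerfile.
# "Before": the process may later switch to postgres, but the container user is root.
BEFORE='FROM postgres:9.5
COPY rootfs /
ENTRYPOINT ["/docker-entrypoint.sh"]'

# "After": USER postgres makes postgres the container user, so an exec is non-root too.
# (Assumes the base image defines a postgres user.)
AFTER='FROM postgres:9.5
COPY rootfs /
USER postgres
ENTRYPOINT ["/docker-entrypoint.sh"]'

printf '%s\n' "$BEFORE" | dockerfile_is_nonroot && echo "before: non-root" || echo "before: container user is root"
printf '%s\n' "$AFTER"  | dockerfile_is_nonroot && echo "after: non-root"  || echo "after: container user is root"
```

The build-time lint complements the runtime check the thread describes: `kubectl exec <pod> -- id -u` (or `docker exec <container> id -u`) printing `0` is the symptom. On the Kubernetes side, setting `securityContext.runAsNonRoot: true` on the container makes the kubelet refuse to start it if the image would run as uid 0, which turns a missing `USER` from a silent default into a deploy-time failure.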