Closed t-fine closed 3 years ago
Further info from a past issue...
A security vulnerability analysis will show that apps running as root in a container are potentially dangerous, and therefore the examples should show best practices.
Some more background from dave: further, some of the currently known exploits on linux occur when the linux container support is invoked as root, when running inside the container as root. This is the gist of why security people are concerned about running as root in a container... because it allows an attacker to exploit the underlying linux code. If a container is not running root, an attacker is limited in his abilities to get to the linux kernel.
If no user is explicitly used, you will run as root. Security scan tools flag this stuff. When a customer had IBM security folks scan and try to attack IEC, the only vulnerabilities they found were the helloworld app running as root... thus I opened the issue to fix it when we get a chance, because it doesn't demonstrate best practices. As usual with security stuff, it is not clear how much of this is grounded in FUD, but it is easier to just change this.
Since the lower-level services (such as `cpu` and `gps`) bind to port 80 they require root privileges. Change them to 8080 to run as non-root user and add in any additional privileges (with `cap-add`) if necessary.

Current method of running `helloworld` as non-root user from `Dockerfile.amd64`:
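
An added example, not taken from this issue or from the project's Dockerfiles: a small Python check for the two conditions discussed above, namely no explicit `USER` (so the container runs as root) and ports below 1024 (which need root privileges). The function name, the finding messages and both sample Dockerfiles are constructed for illustration, and the check assumes the base image does not itself set a non-root user.

```python
import re

PRIVILEGED_PORT_LIMIT = 1024  # Linux default: ports below this need root or CAP_NET_BIND_SERVICE

def audit_dockerfile(text):
    """Heuristic audit of the final build stage; returns a list of findings."""
    text = re.sub(r"\\[ \t]*\n", " ", text)  # join backslash line continuations
    user, ports = None, []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        instr, arg = (line.split(None, 1) + [""])[:2]
        instr = instr.upper()
        if instr == "FROM":        # a new stage starts again from the base image's user
            user, ports = None, []
        elif instr == "USER":      # the last USER in the stage wins; drop any ":group"
            user = arg.strip().split(":")[0]
        elif instr == "EXPOSE":    # EXPOSE is documentation only, but signals the bind port
            for tok in arg.split():
                first = tok.split("/")[0].split("-")[0]  # handles "80/tcp", "8000-8005"
                if first.isdigit():
                    ports.append(int(first))
    findings = []
    if user is None:
        # Assumption: the base image does not set a non-root USER itself.
        findings.append("no USER instruction: process runs as root")
    elif user in ("root", "0"):
        findings.append("USER is root")
    for port in ports:
        if port < PRIVILEGED_PORT_LIMIT:
            findings.append(f"EXPOSE {port}: privileged port, needs root or CAP_NET_BIND_SERVICE")
    return findings

# Constructed sample Dockerfiles (not the project's files).
ROOT_EXAMPLE = """FROM alpine:3
COPY service /service
EXPOSE 80
CMD ["/service"]
"""
NONROOT_EXAMPLE = """FROM alpine:3
RUN adduser -D -u 1000 app
COPY service /service
USER app
EXPOSE 8080
CMD ["/service"]
"""

if __name__ == "__main__":
    for name, dockerfile in (("root", ROOT_EXAMPLE), ("non-root", NONROOT_EXAMPLE)):
        print(name, audit_dockerfile(dockerfile) or "ok")
```

Only the final build stage is audited, since that is the stage that becomes the running image; the port the service actually binds is set in the application, so `EXPOSE` is treated as a hint.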