jbampton opened a new issue, #12828:
URL: https://github.com/apache/cloudstack/issues/12828

   A quick grep found some Docker container files which seem to run as the root 
user.
   
   I looked in the files and did not see the `USER` command
   
   ```
   cloudstack$ find . -type f -name '*Dockerfile*' -exec grep -L "USER " {} +
   ./ui/Dockerfile
   ./tools/docker/Dockerfile.smokedev
   ./tools/docker/Dockerfile.marvin
   ```
   
   "Using grep -L (which lists filenames that do not contain a match), you are 
likely using it to find files missing a license header or a specific string."
   
   ---
   
   From Google:
   
   Implementing a non-root user in Docker containers is a fundamental security 
best practice that significantly strengthens your application's defense. By 
default, Docker containers run as the root user, which can grant them 
unrestricted access to the underlying host system and its resources. 
   The primary reasons for using a non-root user include:
   
   * Minimizing Attack Surface: Running as a non-root user limits what a 
container can do if compromised. An attacker who exploits a vulnerability in 
your application will only have the limited permissions of that non-privileged 
user, rather than full control over the container.
   * Preventing Container Breakout: If a container is compromised, a root user 
inside the container can potentially "escape" to the host machine. Since 
containers share the host's kernel, a root user in a container is often 
equivalent to a root user on the host system, allowing an attacker to take 
control of the entire server.
   * Principle of Least Privilege (PoLP): This standard security practice 
dictates that any process should only have the minimum permissions necessary to 
perform its task. Applications, databases, and load balancers rarely need root 
access to function.
   * Restricting Access to Sensitive Resources: Non-root users cannot easily 
access sensitive host directories if they are inadvertently mounted into the 
container, nor can they interact directly with the [Docker 
socket](https://www.docker.com/blog/understanding-the-docker-user-instruction/) 
(/var/run/docker.sock) to control other Docker resources.
   * Compliance and Platform Requirements: Many regulatory standards (like GDPR 
and HIPAA) and Kubernetes distributions (like 
[OpenShift](https://techdocs.broadcom.com/us/en/vmware-tanzu/bitnami-secure-images/bitnami-secure-images/services/bsi-doc/apps-tutorials-why-non-root-containers-are-important-for-security-index.html)
 require or enforce the use of non-root users to ensure a secure and compliant 
environment.
   * Protection Against Malicious code: Using a non-root user prevents 
malicious code from easily installing new system packages, modifying critical 
system files, or replacing existing Docker images during runtime.
-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: [email protected]

For queries about this service, please contact Infrastructure at:
[email protected]
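A more precise version of the check in the issue, added here as an example and not part of the CloudStack repository or the original report. `grep -L "USER "` answers the question "does the file mention USER at all", which is not quite the security question: a Dockerfile whose last instruction is `USER root` (or `USER 0`) still runs as root, a `USER` that appears only in a comment does not help, and a lowercase `user app` is valid Dockerfile syntax that the grep would wrongly flag. The functions below resolve the effective user from the last real `USER` instruction (root if there is none), then audit a tree the way the issue's `find` did. The four sample Dockerfiles are constructed in a temporary directory for the demonstration; the `Dockerfile.hardened` sample shows the shape of the fix (a dedicated system account, chowned application files, numeric `USER`), and the base image, uid and paths in it are illustrative assumptions, not the project's choices.

```shell
#!/usr/bin/env bash
# Added example: audit Dockerfiles for a final effective user of root.
# Not part of the CloudStack repo; sample Dockerfiles are constructed below.
set -eu

# Print the user a Dockerfile ends the build with: the argument of its last
# USER instruction (instruction names are case-insensitive), or "root" when
# there is none. Lines are matched from column zero so commented-out
# "# USER app" lines are ignored, unlike with a plain grep for "USER ".
effective_user() {
  local file="$1" user
  user=$(grep -iE '^[[:space:]]*USER[[:space:]]+' "$file" \
           | tail -n 1 \
           | sed -E 's/^[[:space:]]*[Uu][Ss][Ee][Rr][[:space:]]+//; s/[[:space:]]+$//')
  if [ -z "$user" ]; then echo root; else echo "$user"; fi
}

# Exit 0 if the image runs as uid 0, 1 otherwise. Accepts "root", "0",
# and user:group forms such as "root:root" or "0:0".
runs_as_root() {
  local user
  user=$(effective_user "$1")
  case "${user%%:*}" in
    root|0) return 0 ;;
    *)      return 1 ;;
  esac
}

# List every *Dockerfile* under a directory that still runs as root,
# with the effective user, tab-separated.
audit_dockerfiles() {
  find "$1" -type f -name '*Dockerfile*' | sort | while IFS= read -r f; do
    if runs_as_root "$f"; then
      printf '%s\t%s\n' "$f" "$(effective_user "$f")"
    fi
  done
}

# Constructed samples covering the cases a bare `grep -L "USER "` gets wrong.
make_samples() {
  local dir
  dir=$(mktemp -d)

  # No USER at all: the default uid 0. grep -L does flag this one.
  cat > "$dir/Dockerfile.nouser" <<'EOF'
FROM ubuntu:22.04
COPY app.py /app/app.py
CMD ["python3", "/app/app.py"]
EOF

  # USER appears, but the last one switches back to root: grep -L misses it.
  cat > "$dir/Dockerfile.rootlast" <<'EOF'
FROM ubuntu:22.04
RUN useradd --system --uid 10001 app
USER app
RUN echo "build step as app"
USER root
CMD ["/bin/sh"]
EOF

  # USER only inside a comment: grep -L misses it too.
  cat > "$dir/Dockerfile.comment" <<'EOF'
FROM ubuntu:22.04
# TODO: add a USER app instruction before shipping
CMD ["/bin/sh"]
EOF

  # The fix: dedicated system account, files owned by it, numeric USER so a
  # Kubernetes runAsNonRoot policy can verify the uid without /etc/passwd.
  cat > "$dir/Dockerfile.hardened" <<'EOF'
FROM ubuntu:22.04
RUN groupadd --system --gid 10001 app \
 && useradd --system --uid 10001 --gid app --home-dir /app --shell /usr/sbin/nologin app
COPY --chown=app:app app.py /app/app.py
USER 10001:10001
CMD ["python3", "/app/app.py"]
EOF

  echo "$dir"
}

# Usage: ./audit.sh /path/to/checkout  (defaults to the constructed samples)
samples=$(make_samples)
audit_dockerfiles "${1:-$samples}"
rm -rf "$samples"
```

Run against a checkout, the output is the list of Dockerfiles to fix together with the user they currently end up as; the three samples other than `Dockerfile.hardened` are reported, which is one more than the grep-based approach would have found for the same files.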
