dockerfiles icon indicating copy to clipboard operation
dockerfiles copied to clipboard
verified publisher icon jauderho

Use non-root user for Docker image whenever possible

Open jauderho opened this issue 4 years ago • 2 comments

Right now, not all of the images are built with a non-root user. More testing/validation will have to be done to determine which images can run as non-root.

Images that have to run as root should have capabilities limited to the needed subset.

jauderho avatar Nov 16 '21 16:11 jauderho

any update on this? or can i help you with it?

MaxPeal avatar Apr 06 '22 16:04 MaxPeal

@MaxPeal Pull requests are very welcome as I have to test and make sure that builds are not broken as a result of specifying a non-root user.

In general, I'm looking at adding the following on an as-needed basis:

# EXPOSE
# ENV
# STOPSIGNAL
HEALTHCHECK NONE
# USER

jauderho avatar Apr 06 '22 16:04 jauderho