Do the Docker containers run as the root user? Implement a Non-Root User #12828

@jbampton

A quick grep found some Docker container files which seem to run as the root user.

I looked in the files and did not see the USER command.

cloudstack$ find . -type f -name '*Dockerfile*' -exec grep -L "USER " {} +
./ui/Dockerfile
./tools/docker/Dockerfile.smokedev
./tools/docker/Dockerfile.marvin

"Using grep -L (which lists filenames that do not contain a match), you are likely using it to find files missing a license header or a specific string."


From Google:

Implementing a non-root user in Docker containers is a fundamental security best practice that significantly strengthens your application's defense. By default, Docker containers run as the root user, which can grant them unrestricted access to the underlying host system and its resources.
The primary reasons for using a non-root user include:

  • Minimizing Attack Surface: Running as a non-root user limits what a container can do if compromised. An attacker who exploits a vulnerability in your application will only have the limited permissions of that non-privileged user, rather than full control over the container.
  • Preventing Container Breakout: If a container is compromised, a root user inside the container can potentially "escape" to the host machine. Since containers share the host's kernel, a root user in a container is often equivalent to a root user on the host system, allowing an attacker to take control of the entire server.
  • Principle of Least Privilege (PoLP): This standard security practice dictates that any process should only have the minimum permissions necessary to perform its task. Applications, databases, and load balancers rarely need root access to function.
  • Restricting Access to Sensitive Resources: Non-root users cannot easily access sensitive host directories if they are inadvertently mounted into the container, nor can they interact directly with the Docker socket (/var/run/docker.sock) to control other Docker resources.
  • Compliance and Platform Requirements: Many regulatory standards (like GDPR and HIPAA) and Kubernetes distributions (like OpenShift) require or enforce the use of non-root users to ensure a secure and compliant environment.
  • Protection Against Malicious Code: Using a non-root user prevents malicious code from easily installing new system packages, modifying critical system files, or replacing existing Docker images during runtime.
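
An added example, not part of the original issue or the CloudStack code base: `grep -L "USER "` only reports files with no `USER ` string anywhere, so this sketch instead works out which user is in effect at the end of the final build stage. The function names and sample Dockerfiles are constructed for illustration, and it assumes no heredocs and that an unset user falls back to the base image default.

```python
import re

def final_stage_user(text):
    """USER in effect at the end of the last build stage; None if never set."""
    stages, name, user = {}, None, None
    text = re.sub(r"\\[ \t]*\r?\n", " ", text)      # join continued lines
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):        # blanks and comments
            continue
        parts = line.split(None, 1)
        instr = parts[0].upper()
        arg = parts[1].strip() if len(parts) > 1 else ""
        if instr == "FROM":
            if name:
                stages[name] = user                 # remember the finished stage
            tok = [t for t in arg.split() if not t.startswith("--")]
            has_as = len(tok) >= 3 and tok[1].upper() == "AS"
            name = tok[2].lower() if has_as else None
            # A stage built FROM an earlier named stage inherits its USER.
            user = stages.get(tok[0].lower()) if tok else None
        elif instr == "USER" and arg:
            user = arg                              # the last USER in a stage wins
    return user

def verdict(user):
    if user is None:
        return "unset"       # base image default applies (root unless the base sets USER)
    owner = user.split(":", 1)[0]
    if "$" in owner:
        return "unresolved"  # set through ARG/ENV, needs a manual check
    return "root" if owner in ("root", "0") else "non-root"

# Constructed sample Dockerfiles, not files from the repository.
SAMPLES = {
    "no_user": "FROM node:lts\nRUN npm ci\nCMD npm start\n",
    "builder_only": "FROM golang AS build\nUSER builder\nRUN make\n"
                    "FROM alpine\nCOPY --from=build /app /app\n",
    "reset_to_root": "FROM alpine\nUSER app\nUSER root\n",
    "commented": "FROM alpine\n# USER app\n",
    "inherited": "FROM alpine AS base\nUSER 1000:1000\nFROM base AS final\nCMD /app\n",
    "from_arg": "FROM alpine\nARG APP_USER\nUSER ${APP_USER}\n",
}

def audit(samples):
    """Map each sample to (verdict, whether a plain 'USER ' string match finds it)."""
    return {k: (verdict(final_stage_user(v)), "USER " in v) for k, v in samples.items()}

if __name__ == "__main__":
    for fname, (result, has_string) in audit(SAMPLES).items():
        print(f"{fname:14} {result:10} contains 'USER ': {has_string}")
```

In the constructed samples, `builder_only`, `reset_to_root` and `commented` all contain the string `USER ` and so would not be listed by `grep -L`, yet none of them ends up with a non-root user in the final stage.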
