Run rootles by default about imagestore HOT 4 CLOSED

Any way you could make a PR with that? I'm not sure if you mean switching users inside of the container, or executing the container as a non-root user, or switching user when building the images.

from imagestore.

Should just need a RUN adduser --uid 1000 imagestore and USER imagestore. Will make a PR and test when I have time :).

from imagestore.

Perfect, thanks! Out of curiosity, any idea why this is not recommended in the Docker docs, or in other places that feature information regarding docker? It totally makes sense that this would increase security, but it's the first time I come across this.

from imagestore.

It is recommend, though maybe not as prominently as it should:

Docker documentation on kernel capabilities:
https://docs.docker.com/engine/security/#linux-kernel-capabilities
https://kubernetes.io/blog/2018/07/18/11-ways-not-to-get-hacked/#8-run-containers-as-a-non-root-user

An even bigger sin, which is more commonly discouraged is running in --priveleged mode, which gives trivial root to the host system. Even without --priviliged various versions of docker have allowed escaping a container by exploiting linux capabilities such as mounting, overwriting files etc.

Docker didn't originally support linux kernel capabilities (such as allowing a container to bind on ports less than <1024 through NET_BIND_SERVICE) so for convenience most base containers leave the default USER as root. This also allows you to easily easily install packages interactively and debug. Running a "production" image is quite risky, if someone is able to get root shell access to a container they can install nmap discover services, proxy into the network etc.

from imagestore.