Last USER is root
Description
The Docker containers by default run with the root privilege and so does the application that runs inside the container. This is a major concern from the security perspective because hackers can gain root access to the Docker host by hacking the application running inside the container.
Remediation
Dockerfile Remove `USER root` or add a non-root user after.
[,Dockerfile]
FROM base
- USER root
Rule Details
| Field | Value |
|---|---|
| ID | IAC-0841 |
| Severity | LOW |
| IaC Type | dockerfile |
| Frameworks | Docker |
| Checkov ID | CKV_DOCKER_8 |