-
Notifications
You must be signed in to change notification settings - Fork 44
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Run as non-root user #194
Comments
@krancour I think we are running as a non root user ? |
Does not seem it:
But let's hold off on doing anything with this until after the Dockerfile's been refactored for Ubuntu Slim-- which I am working on. Otherwise, there's just going to be an unresolvable merge conflict and we'll make extra work for ourselves. |
Yeah I think openssh is running as root in order to bind to port 22. |
@krancour I think the new ubuntu slim image is not running builder as root . Let me know if this isn;t fixed |
bumping from RC1, as this is not critical for the RC |
That's fine. |
The server itself is still running as root, so this is not yet resolved. All processes should be run as non-root. If any of them are compromised, the user has root level access and could break out of the container onto the host.
|
This issue was moved to teamhephy/builder#32 |
This is a best practice we should follow wherever we can.
The text was updated successfully, but these errors were encountered: