You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Switching to the root USER opens up certain security risks if an attacker gets access to the container. In order to mitigate this, switch back to a non privileged user after running the commands you need as root.
DESCRIPTION:
Switching to the root USER opens up certain security risks if an attacker gets access to the container. In order to mitigate this, switch back to a non privileged user after running the commands you need as root.
BAD PRACTICE:
FROM debian:buster
USER root
RUN ...
RECOMMENDED:
FROM debian:buster
USER root
RUN ...
USER guest
Last USER should not be root on these places:
hive/blob/master/clients/besu/Dockerfile#L6-L6
hive/blob/master/clients/openethereum/Dockerfile#L11-L11
hive/blob/master/clients/teku-vc/Dockerfile#L6-L6
The text was updated successfully, but these errors were encountered: