We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Hi, Currently (in version 0.12.3 at least) the process runs under root :
1 root 0:00 vuls server -listen 0.0.0.0:5515 -format-json -debug -debug-sql -cvedb-type=http -cvedb-url=http://vuls-go-cve-dictionary:1323 -ovaldb-type=http -ovaldb-url=http://vuls-goval-dictionary:1324
It seems better to create and use an applicative user instead.
The text was updated successfully, but these errors were encountered:
Pull Request welcome 👍
Sorry, something went wrong.
Hi @tramora, I was able to make it run while using Docker in Rootless mode. I'll add the required documentation soon.
thanx for your comments @kotakanbe & @Jiab77. Indeed, the users can use that kind of workarounds even in kubernetes.
# in the deployment yaml securityContext: runAsNonRoot: true runAsUser: 27740 runAsGroup: 27740 allowPrivilegeEscalation: true
That's why this "issue" seems very low priority even if it should be simple to fix
In dockerfile
RUN apk add sudo && \ adduser app_user -D --shell /sbin/nologin
and in the entrypoint call
/sbin/sudo --user=app_user vuls
No branches or pull requests
Hi,
Currently (in version 0.12.3 at least) the process runs under root :
It seems better to create and use an applicative user instead.
The text was updated successfully, but these errors were encountered: