A pod is configured to run as root (e.g. securityContext.runAsUser: 0). Running as root inside the container increases the impact if the container is compromised or escaped.
Warning
N/A
- Report shows: Pod <ns>/<name> runs as root
- Pod or container securityContext.runAsUser is 0, or is unset and the image defaults to root
- Set securityContext.runAsNonRoot: true and runAsUser to a non-zero UID
- Build images to run as a non-root user; avoid requiring root for application logic
- Use Pod Security Standards/Admission to enforce runAsNonRoot
- If root is required for legacy workloads, isolate them in dedicated namespaces and restrict their network access
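
The condition above can be checked per container, since a container-level securityContext overrides the pod-level one. The following is an added example, not the scanner's own code: the function names and both manifests are constructed for illustration, and the report text only mirrors the format shown above.

```python
# Added example: both manifests are constructed, not taken from a real cluster.

def root_findings(pod):
    """Return (container, reason) pairs for containers that run, or may run, as root."""
    spec = pod.get("spec") or {}
    pod_sc = spec.get("securityContext") or {}
    findings = []
    for kind in ("initContainers", "containers", "ephemeralContainers"):
        for ctr in spec.get(kind) or []:
            ctr_sc = ctr.get("securityContext") or {}
            # A container-level field overrides the pod-level field of the same name.
            uid = ctr_sc.get("runAsUser", pod_sc.get("runAsUser"))
            non_root = ctr_sc.get("runAsNonRoot", pod_sc.get("runAsNonRoot"))
            if uid == 0:
                findings.append((ctr["name"], "runAsUser is 0"))
            elif uid is None and non_root is not True:
                # Nothing pins the UID, so the image's default user decides.
                findings.append((ctr["name"], "runAsUser unset, image default may be root"))
    return findings

def report(pod):
    """Format findings in the 'Pod <ns>/<name> runs as root' style."""
    meta = pod.get("metadata") or {}
    ident = f'{meta.get("namespace", "default")}/{meta.get("name")}'
    return [f"Pod {ident} runs as root ({c}: {why})" for c, why in root_findings(pod)]

# Pod-level settings look hardened, but one container overrides them.
MIXED_POD = {
    "metadata": {"namespace": "shop", "name": "cart-0"},
    "spec": {
        "securityContext": {"runAsNonRoot": True, "runAsUser": 1000},
        "initContainers": [{"name": "migrate"}],
        "containers": [
            {"name": "app"},
            {"name": "sidecar", "securityContext": {"runAsUser": 0}},
        ],
    },
}

# No securityContext at all: the effective user depends on the image.
LEGACY_POD = {
    "metadata": {"namespace": "legacy", "name": "web-0"},
    "spec": {"containers": [{"name": "web"}]},
}

if __name__ == "__main__":
    for pod in (MIXED_POD, LEGACY_POD):
        print("\n".join(report(pod)))
```

A container with runAsNonRoot: true and no runAsUser is not flagged, because the kubelet refuses to start it if the image's user resolves to UID 0.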