A container runs as root (runAsUser: 0, or the default root user). Running as root inside the container increases the risk if the container is compromised or an attacker breaks out of it.
Warning
N/A
- Report shows: Container <name> in pod <ns>/<pod> runs as root
- Container securityContext.runAsUser is 0, or is unset and the default user is root
- Set runAsNonRoot: true and runAsUser to a non-zero UID at pod or container level
- Use images that run as non-root; avoid root for application code
- Enforce via Pod Security admission (e.g. restricted policy)
- For legacy workloads requiring root, isolate and restrict network and host access
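
One way to implement the check described above, as an added example (not the scanner's own code). It resolves the effective `runAsUser` per container, with container-level settings overriding pod-level ones. The function names and sample pods are constructed, and treating an unset UID as root unless `runAsNonRoot: true` is set is an assumption, since the image's default user is not visible in the manifest.

```python
def effective(pod_sc, ctr_sc, key):
    """Container-level securityContext overrides the pod-level value."""
    if ctr_sc.get(key) is not None:
        return ctr_sc[key]
    return pod_sc.get(key)

def root_containers(pod):
    """Return one report line per container that runs as root."""
    meta = pod.get("metadata", {})
    ns, name = meta.get("namespace", "default"), meta.get("name", "")
    spec = pod.get("spec", {})
    pod_sc = spec.get("securityContext") or {}
    findings = []
    for kind in ("initContainers", "containers"):
        for ctr in spec.get(kind) or []:
            ctr_sc = ctr.get("securityContext") or {}
            uid = effective(pod_sc, ctr_sc, "runAsUser")
            non_root = effective(pod_sc, ctr_sc, "runAsNonRoot")
            # Assumption: an unset UID falls back to the image default, treated
            # as root unless runAsNonRoot: true makes the kubelet refuse UID 0.
            if uid == 0 or (uid is None and non_root is not True):
                findings.append(
                    f"Container {ctr['name']} in pod {ns}/{name} runs as root")
    return findings

# Constructed sample pods (already parsed from YAML into dicts).
SAMPLE_PODS = [
    {"metadata": {"namespace": "shop", "name": "web"},
     "spec": {"securityContext": {"runAsUser": 10001},
              "containers": [
                  {"name": "app"},  # inherits pod-level UID 10001
                  {"name": "debug", "securityContext": {"runAsUser": 0}}]}},
    {"metadata": {"namespace": "shop", "name": "batch"},
     "spec": {"containers": [{"name": "job"}]}},  # nothing set
    {"metadata": {"namespace": "shop", "name": "api"},
     "spec": {"containers": [
         {"name": "srv", "securityContext": {"runAsNonRoot": True}}]}},
]

def scan(pods):
    """Flatten findings across all pods."""
    return [line for pod in pods for line in root_containers(pod)]

if __name__ == "__main__":
    print("\n".join(scan(SAMPLE_PODS)))
```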