Currently, our container images default to running the application as the root user. For improved security, we should create and switch to a non-root user before starting the application. This change will help reduce the risk of privilege escalation and other security vulnerabilities.
Action items:
- Update the main application container to use a non-root user.
- Apply the same change to
builder/Containerfile to ensure consistency and security across all container builds.
Suggested steps:
- Create a non-root user in the Dockerfile/Containerfile.
- Set the user context to the newly created non-root user before starting the application.
- Test the containers to ensure the application runs correctly under the non-root user.
Let’s track this enhancement here so it isn’t forgotten.
I created this issue for @lcarva from #16 (comment).
Tips and commands
Getting Help
Currently, our container images default to running the application as the root user. For improved security, we should create and switch to a non-root user before starting the application. This change will help reduce the risk of privilege escalation and other security vulnerabilities.
Action items:
builder/Containerfileto ensure consistency and security across all container builds.Suggested steps:
Let’s track this enhancement here so it isn’t forgotten.
I created this issue for @lcarva from #16 (comment).
Tips and commands
Getting Help