It's not recommended to run containers with root user. This can be a vector for container escapement. It's recommended to use non-root users.

This can be done by adding a `USER` statement to the Dockerfile. This issue is present in development and production, but the critical one is production.

This is extra important in this case since `/proc` appears to be mounted, although as read-only.

https://book.hacktricks.xyz/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/sensitive-mounts
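A check for the condition reported above, as an added example that is not part of the original issue or the project's code: it finds the `USER` in effect at the end of the last build stage of a Dockerfile and flags images that would start as root. The function names and sample Dockerfiles are constructed for illustration, and a stage with no `USER` is assumed to run as root because the base image's own configuration is not visible to the check.

```python
ROOT_IDS = {"root", "0"}

def logical_lines(text):
    """Yield instructions with comments dropped and backslash continuations joined."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            buf += line[:-1] + " "
            continue
        yield buf + line
        buf = ""
    if buf:
        yield buf

def final_user(text):
    """Return the USER in effect at the end of the last stage, or None if unset."""
    user = None
    for line in logical_lines(text):
        parts = line.split(None, 1)
        instr = parts[0].upper()
        arg = parts[1].strip() if len(parts) > 1 else ""
        if instr == "FROM":
            user = None  # new stage: its user comes from the base image, unseen here
        elif instr == "USER" and arg:
            user = arg   # a later USER overrides an earlier one in the same stage
    return user

def runs_as_root(text):
    user = final_user(text)
    if user is None:
        return True      # assumption: base image keeps the default root user
    return user.split(":", 1)[0] in ROOT_IDS  # "0:0" and "root:root" count as root

# Constructed sample Dockerfiles (not taken from the project in the issue).
NO_USER = 'FROM debian:bookworm-slim\nCOPY . /app\nCMD ["/app/run"]\n'
MULTI_STAGE = ('FROM debian:bookworm-slim AS build\nUSER builder\nRUN make\n'
               'FROM debian:bookworm-slim\nCOPY --from=build /out/app /app\n'
               'CMD ["/app"]\n')
HARDENED = ('FROM debian:bookworm-slim\n'
            'RUN useradd --uid 10001 \\\n    --no-create-home app\n'
            'COPY . /app\nUSER 10001:10001\nCMD ["/app/run"]\n')

if __name__ == "__main__":
    for name, df in [("NO_USER", NO_USER), ("MULTI_STAGE", MULTI_STAGE),
                     ("HARDENED", HARDENED)]:
        print(name, "runs as root:", runs_as_root(df))
```

The multi-stage sample shows the case that is easy to miss: a `USER` set in the build stage does not carry over to the final stage.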