I am very new to docker. In a VM the very first thing one learns to do is to harden it’s security by using failtoban and making a non-root user and removing the root user altogether.
Is all of this not required to be done in a container ?
Another thing is that a webserver is never run as a root. In fact since the server is run as “apache” or “www-data” user, the non root user is assigned to this group for sorting read write permissions. It is considered bad practice to run a webserver as root.
So how are these things sorted in docker? I read that assigning a non-root user to docker conflicts with volume writes. hoping for someone to give a comprehensive reply to these.