Security Root in Docker-Image (Dockerfile)

Hello forum members,

I have a quick question for everyone who wants to create or do their own Docker image. I am currently in the process of building my own Docker image on Alpine Linux with NGINX and PHP. Nginx then runs with nobody authorization.

Must / should the root account be protected separately? With what methods?

Maybe someone has experience they want to share with me.
Thank you…


You can run the docker daemon in rootless mode or use user namespaces so your root user inside the container will not be the same as the root user on the host. You could also try to run nginx as a non-root user so if gets inside the.container through nginx, it will not have root privileges.