Security Root in Docker-Image (Dockerfile)

mrmac · December 22, 2021, 10:07pm

Hello forum members,

I have a quick question for everyone who wants to create or do their own Docker image. I am currently in the process of building my own Docker image on Alpine Linux with NGINX and PHP. Nginx then runs with nobody authorization.

Must / should the root account be protected separately? With what methods?

Maybe someone has experience they want to share with me.
Thank you…

Greeting

rimelek · December 23, 2021, 10:55pm

You can run the docker daemon in rootless mode or use user namespaces so your root user inside the container will not be the same as the root user on the host. You could also try to run nginx as a non-root user so if gets inside the.container through nginx, it will not have root privileges.

Topic		Replies	Views
Running Nginx official image as non root General	17	45326	April 3, 2024
Inquiry regarding Security considerations for Nginx Docker image General security , docker	0	518	December 4, 2023
Docker rootless 2021 - different user in image (running container) as user on host possible? General	1	500	June 15, 2021
Current best practice for file privileges in a container General docker	0	530	April 8, 2018
Is it necessary or better to use a dedicated user to run Docker? General	4	2072	January 18, 2024

Security Root in Docker-Image (Dockerfile)

Related topics