Docker Community Forums

Share and learn in the Docker community.

Should the docker process be running via the root user? Is that unsafe or unrecommended?

(Bhupendrajal) #1

I am using RHEL 7.6 and Docker version 1.13.1, build 07f3374/1.13.1. I am now responsible for the security of a Docker host. I ran this command:

sudo ps -U root | grep docker

I saw this output:

4143 ? 00:00:00 dockerd-current
4156 ? 00:00:00 docker-containe

Docker was originally installed and configured with sudo commands like “sudo systemctl docker enable” and “sudo systemctl docker start”. Is there anything inherently unsafe about having dockerd-current and docker-containe being started and running with the root user after every server reboot automatically? I tend to think a different user should be starting the Docker service, but I am not a security expert.

(Fsejoseph) #2

Not sure but from the installation steps I think they should be:
Installation commands are all sudo:

Might want to look at the post installed steps

Here is some security info! Keep searching!