I am using RHEL 7.6 and Docker version 1.13.1, build 07f3374/1.13.1. I am now responsible for the security of a Docker host. I ran this command:
sudo ps -U root | grep docker
I saw this output:
4143 ? 00:00:00 dockerd-current
4156 ? 00:00:00 docker-containe
Docker was originally installed and configured with sudo commands like “sudo systemctl docker enable” and “sudo systemctl docker start”. Is there anything inherently unsafe about having dockerd-current and docker-containe being started and running with the root user after every server reboot automatically? I tend to think a different user should be starting the Docker service, but I am not a security expert.