Docker Community Forums

Share and learn in the Docker community.

Why not using root user as default

Hi!

I’ve reading two topics about Docker security:


I understand for Docker image which are apps, the root user is not safe, so the best option is creating a non-root user to run my service.

But what about development images? Docker images which are used when I need to build applications, not to run services?

Currently I’m using non-root user for development images, but I see few advantages when using it. For instance, when I want to use my Docker image in MS Azure, running as Container jobs, it requires a root user. Also, when I need to update my image, like installing a new package, I need to elevate that user, which has sudo permission.

Finally, is there a real recommendation for non-root user in Docker images, when an image is only for development and building?

Regards!

1 Like