Francesco Chicchiriccò created SYNCOPE-1909:
-----------------------------------------------
Summary: Docker containers as unprivileged user
Key: SYNCOPE-1909
URL: https://issues.apache.org/jira/browse/SYNCOPE-1909
Project: Syncope
Issue Type: Improvement
Components: docker
Reporter: Francesco Chicchiriccò
Assignee: Francesco Chicchiriccò
Fix For: 3.0.14, 4.0.2, 4.1.0

By default, Docker containers will run as UID 0, or root.
This means that if the Docker container is compromised, the attacker will have
host-level root access to all the resources allocated to the container.
With a non-root user, even if the attacker manages to break out of the
application running in the container, they will have limited permissions.
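
A check that follows from the description above, added here as an example (not part of the issue or of Syncope's own code): a shell script that reports whether the final stage of a Dockerfile runs as root. The sample Dockerfiles, the image name `example/java-base:1.0` and UID 10001 are constructed, and a stage with no `USER` instruction is assumed to inherit root from its base image.

```shell
#!/bin/sh
# Added example: report the user a Dockerfile's final stage runs as.
# Assumption: a stage with no USER instruction inherits root (UID 0).

# Print the last USER value of the final build stage (empty if none).
effective_user() {
  awk '
    { sub(/^[ \t]+/, "") }               # drop leading whitespace
    /^#/ { next }                        # skip comment lines
    toupper($1) == "FROM" { user = "" }  # each FROM starts a new stage
    toupper($1) == "USER" { user = $2 }  # the last USER in a stage wins
    END { print user }
  ' "$1"
}

# Return 0 when the final stage runs as root, 1 when it is non-root.
runs_as_root() {
  u=$(effective_user "$1")
  u=${u%%:*}                             # strip an optional :group
  case "$u" in
    ""|root|0) return 0 ;;
    *) return 1 ;;
  esac
}

# Write two constructed sample Dockerfiles into directory $1.
make_samples() {
  cat > "$1/root.Dockerfile" <<'EOF'
FROM example/java-base:1.0 AS build
USER 10001
RUN ./build.sh
# USER in the build stage does not carry over to the final stage
FROM example/java-base:1.0
COPY --from=build /opt/app /opt/app
CMD ["java", "-jar", "/opt/app/app.jar"]
EOF
  cat > "$1/nonroot.Dockerfile" <<'EOF'
FROM example/java-base:1.0
RUN useradd --system --uid 10001 app
COPY app.jar /opt/app/app.jar
USER 10001:10001
CMD ["java", "-jar", "/opt/app/app.jar"]
EOF
}

# Usage: sh check_user.sh path/to/Dockerfile
if [ -n "${1:-}" ]; then
  if runs_as_root "$1"; then echo "$1: final stage runs as root"
  else echo "$1: final stage runs as $(effective_user "$1")"; fi
fi
```

The check is static: a `USER` value given as a build argument, or a user overridden at `docker run` time, is not resolved.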