Question

To minimize the attack surface of a containerized application, what is the standard practice regarding the privileges of the process running inside the container?

Accepted Answer

The standard security practice is to never run the container process as the root user. By default, many container images execute processes with root privileges, which gives that process full administrative control over the container environment. If an attacker manages to compromise a container running as root, they gain a much easier path to escaping the container and accessing the host system. To minimize this attack surface, you must configure the container to run as a non-privileged, low-permission user. This is typically achieved by using the USER instruction in a Dockerfile, which forces the container process to execute with limited system rights. For example, if an application requires only basic read-only access to files, running it as a restricted user ensures that even if the application is hacked, the attacker cannot modify system files, install malicious software, or escalate their privileges to take over the underlying host. Following the principle of least privilege, the process should only be granted the absolute minimum permissions necessary to perform its specific task.

Home → All Courses → Engineering and Technology Courses → DevOps Engineering and Continuous Delivery → Flashcard

To minimize the attack surface of a containerized application, what is the standard practice regarding the privileges of the process running inside the container?