[
https://issues.apache.org/jira/browse/SYNCOPE-1909?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=18018332#comment-18018332
]
ASF subversion and git services commented on SYNCOPE-1909:
----------------------------------------------------------
Commit cb4be42fe268de38748701cf76916b10a6abe6a7 in syncope's branch
refs/heads/3_0_X from Francesco Chicchiriccò
[ https://gitbox.apache.org/repos/asf?p=syncope.git;h=cb4be42fe2 ]
[SYNCOPE-1909] Changing base image to comply with all platforms
> Docker containers as unprivileged user
> --------------------------------------
>
> Key: SYNCOPE-1909
> URL: https://issues.apache.org/jira/browse/SYNCOPE-1909
> Project: Syncope
> Issue Type: Improvement
> Components: docker
> Reporter: Francesco Chicchiriccò
> Assignee: Francesco Chicchiriccò
> Priority: Major
> Fix For: 3.0.14, 4.0.2, 4.1.0
>
>
> By default Docker containers will run as UID 0, or root.
> This means that if the Docker container is compromised, the attacker will
> have host-level root access to all the resources allocated to the container.
> By using a non-root user, even if the attacker manages to break out of the
> application running in the container, they will have limited permissions if
> the container is running as a non-root user.
--
This message was sent by Atlassian Jira
(v8.20.10#820010)
