Advanced Containers & Virtualization #container-security#non-root#capabilities#seccomp

Container Security Language

5 exercises — Master the English vocabulary of container hardening: non-root users, Linux capabilities, CVE scanning, seccomp, and read-only filesystems.

0 / 5 completed
1 / 5

A security audit finding reads: "Container web-api runs as root (UID 0). This violates our container hardening policy. Update the Dockerfile to switch to a non-root user before the entrypoint."

Why is running a container process as root (UID 0) a security risk?