Comment on Does running applications inside a container as an unprivileged user have any security benefits?

x1gma@lemmy.world 1 year ago

Imagine your containers as very lightweight mini-VMs. Would you run everything as root in your virtual machines? Containers aren’t really that different to classical VMs from an operations point of view. You have a different attack surface, but it is still there, and running as a non-root user inside the container reduces this attack surface, and should IMHO be the default. Privileged containers and users may be required for specific purposes, but should not be the norm, if possible.
