Monthly Archives: February 2017

Running Docker Containers with Non-root Users or Random User IDs

February 12, 2017   By default, Docker containers run as root. Using root is dangerous and it may not be available in all environments. “Best practices for writing Dockerfiles” recommend that “…If a service can run without privileges, use USER to change to a non-root user”. There is a twist to this – for better security, some aPaaS (Application Platform-as-a-Service) like OpenShift use by default a user with random UID when running an image. That leads us to the question – how can one build more secure Docker images so the containers can run as a concrete non-root user and […]