Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Free Learning
Arrow right icon
Arrow up icon
GO TO TOP
The Docker Workshop

You're reading from   The Docker Workshop Learn how to use Docker containers effectively to speed up the development process

Arrow left icon
Product type Paperback
Published in Oct 2020
Publisher Packt
ISBN-13 9781838983444
Length 792 pages
Edition 1st Edition
Tools
Concepts
Arrow right icon
Authors (5):
Arrow left icon
Engy Fouda Engy Fouda
Author Profile Icon Engy Fouda
Engy Fouda
Onur Yılmaz Onur Yılmaz
Author Profile Icon Onur Yılmaz
Onur Yılmaz
Sathsara Sarathchandra Sathsara Sarathchandra
Author Profile Icon Sathsara Sarathchandra
Sathsara Sarathchandra
Aric Renzo Aric Renzo
Author Profile Icon Aric Renzo
Aric Renzo
Vincent Sesto Vincent Sesto
Author Profile Icon Vincent Sesto
Vincent Sesto
+1 more Show less
Arrow right icon
View More author details
Toc

Table of Contents (17) Chapters Close

Preface
1. Running My First Docker Container 2. Getting Started with Dockerfiles FREE CHAPTER 3. Managing Your Docker Images 4. Multi-Stage Dockerfiles 5. Composing Environments with Docker Compose 6. Introduction to Docker Networking 7. Docker Storage 8. CI/CD Pipeline 9. Docker Swarm 10. Kubernetes 11. Docker Security 12. Best Practices 13. Monitoring Docker Metrics 14. Collecting Container Logs 15. Extending Docker with Plugins Appendix

Privileged and Root User Access in Containers

One important way to improve the security of your containers is to reduce what an attacker can do if they manage to gain access. The types of command the attacker can run on the container are limited to the level of access the user who is running the processes on the container has. So, if there are no root or elevated privileges on the running container, this limits what the attacker can do. Another thing to remember is that if a container is compromised and is running as the root user, this may also allow the attacker to escape the container and access the host system running Docker.

Most processes running on the container are applications that don't need root access, and this is the same as running processes on a server, where you would not run them as root either. The applications running on the container should only have access to what they need. The reason why root access is provided, especially in base images, is because applications...

lock icon The rest of the chapter is locked
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image