Language: terraform
Severity: low

Description

The configuration allows containers to run as the root user (UID 0) by explicitly setting ‘securityContext.runAsUser’ to 0. Running containers as root increases the risk of privilege escalation within the container environment.

Impact

If exploited, attackers who compromise a container can gain root-level access, potentially allowing them to break out of the container, alter system files, or escalate privileges, increasing the risk of system-wide compromise.

Resolution

Set ‘securityContext.runAsUser’ to a non-zero integer or leave it undefined.
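
The flagged setting beside a corrected one, as an added example that is not part of the original rule page. It assumes the Terraform Kubernetes provider, where the field is written `security_context.run_as_user`. The resource names, image and UID 10001 are constructed placeholders, and `run_as_non_root` and `allow_privilege_escalation` go beyond the fix stated above.

```hcl
# Constructed example: resource names, image and UID 10001 are placeholders.

# Flagged: the container is explicitly pinned to UID 0 (root).
resource "kubernetes_pod" "worker_root" {
  metadata {
    name = "worker-root"
  }
  spec {
    container {
      name  = "worker"
      image = "registry.example.com/worker:1.0.0"

      security_context {
        run_as_user = 0 # rendered as securityContext.runAsUser: 0
      }
    }
  }
}

# Corrected: a non-zero UID. run_as_non_root additionally makes the kubelet
# refuse to start the container if its effective UID would be 0, which also
# covers the "left undefined" case where the image's USER decides the UID.
resource "kubernetes_pod" "worker_nonroot" {
  metadata {
    name = "worker-nonroot"
  }
  spec {
    container {
      name  = "worker"
      image = "registry.example.com/worker:1.0.0"

      security_context {
        run_as_user                = 10001
        run_as_non_root            = true
        allow_privilege_escalation = false
      }
    }
  }
}
```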