Property             Value
Language             terraform
Severity             medium
Vulnerability Type   omission

Description

Containers are configured to run as the root user by default, rather than specifying a non-root user in the security context. This setup does not enforce least privilege and increases the risk of privilege escalation within the container.

Impact

If exploited, a process running as root inside the container could gain elevated permissions, potentially allowing an attacker to compromise the container, escape to the host system, or access sensitive data and resources, increasing the risk of broader system compromise.

Resolution

Set 'containers[].securityContext.runAsNonRoot' to true.
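The following is an added example, not code from the original rule page: a Kubernetes Deployment declared through the Terraform "kubernetes" provider, first with the omission this rule flags and then with the container security context set so the workload cannot start as root. The Terraform attribute names (security_context, run_as_non_root, run_as_user, and so on) are the provider's snake_case spelling of the Kubernetes fields named in the resolution; the resource names, labels, image reference and UID/GID values are constructed for illustration.

```hcl
# BEFORE: no security_context at all. The container runs as whatever user the
# image declares, which for most base images is root (UID 0). This is the
# omission the rule reports.
resource "kubernetes_deployment" "app_insecure" {
  metadata {
    name = "example-app-insecure"   # constructed name
  }
  spec {
    selector {
      match_labels = { app = "example-app-insecure" }
    }
    template {
      metadata {
        labels = { app = "example-app-insecure" }
      }
      spec {
        container {
          name  = "app"
          image = "registry.example.invalid/app:1.0"   # placeholder image
        }
      }
    }
  }
}

# AFTER: runAsNonRoot is enforced at both pod and container level, the UID is
# pinned explicitly, and the usual companions of least privilege are applied.
resource "kubernetes_deployment" "app_hardened" {
  metadata {
    name = "example-app-hardened"   # constructed name
  }
  spec {
    selector {
      match_labels = { app = "example-app-hardened" }
    }
    template {
      metadata {
        labels = { app = "example-app-hardened" }
      }
      spec {
        # Pod-level defaults: every container in the pod inherits these unless
        # it overrides them in its own security_context.
        security_context {
          run_as_non_root = true
          run_as_user     = 10001   # constructed non-root UID
          run_as_group    = 10001
          fs_group        = 10001   # volumes are chowned to this GID
        }
        container {
          name  = "app"
          image = "registry.example.invalid/app:1.0"   # placeholder image
          # Container-level settings: this is the
          # containers[].securityContext.runAsNonRoot field from the resolution.
          security_context {
            run_as_non_root            = true
            run_as_user                = 10001
            allow_privilege_escalation = false   # blocks setuid/setcap gains
            read_only_root_filesystem  = true    # no writes to the image layers
            capabilities {
              drop = ["ALL"]   # start from zero capabilities
            }
          }
        }
      }
    }
  }
}
```

With run_as_non_root = true the kubelet checks the container's effective UID before starting it and refuses to run the container if that UID is 0 or cannot be determined. If the image declares its USER by name rather than by numeric UID, or declares none at all, that check fails unless run_as_user is set explicitly as above, so in practice the two attributes are set together. The same fields apply to kubernetes_pod, kubernetes_stateful_set and kubernetes_daemon_set resources; in a kubernetes_manifest resource they keep their Kubernetes camelCase names (runAsNonRoot, runAsUser).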