Property
Language: terraform
Severity: critical
Vulnerability Type: omission

Description

Including ‘sudo’ in RUN instructions within a Dockerfile introduces unnecessary privilege escalation, leading to unpredictable build behavior and inconsistent image states. Docker containers typically execute as root by default, making ‘sudo’ redundant and potentially problematic.

Impact

Using ‘sudo’ in Dockerfile RUN commands can cause build failures, security risks, and portability issues. It may mask permission problems, complicate troubleshooting, and open avenues for privilege misuse, potentially resulting in images that behave inconsistently or are vulnerable to privilege escalation attacks.

Resolution

Don’t use sudo in Dockerfile RUN instructions.
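One way to check for this in CI, as an added example (not this rule's own implementation): a small Python scanner that joins continued lines and reports RUN instructions that invoke sudo as a command, in shell or exec form, while ignoring `apt-get install sudo` and comments. The function names and the sample Dockerfile are constructed for illustration, and the shell splitting is a heuristic that does not parse quoting or RUN flags.

```python
import json
import re

# Constructed sample Dockerfile (not from the original page).
SAMPLE = """\
FROM ubuntu:22.04
# sudo in a comment is ignored
RUN apt-get update && \\
    sudo apt-get install -y curl
RUN apt-get install -y sudo
RUN ["sudo", "useradd", "app"]
USER app
"""

def logical_instructions(text):
    """Yield (start_line, instruction), joining backslash continuations."""
    buf, start = [], None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank and comment lines, also inside a continuation
        start = start or no
        buf.append(line.rstrip("\\"))
        if not line.endswith("\\"):
            yield start, " ".join(buf)
            buf, start = [], None

def uses_sudo(args):
    """True if a RUN argument string invokes sudo as a command."""
    args = args.strip()
    if args.startswith("["):  # exec form is a JSON array
        try:
            argv = json.loads(args)
            return bool(argv) and argv[0] == "sudo"
        except ValueError:
            pass  # invalid JSON is treated as shell form
    # Shell form: inspect the first word of each chained command.
    return any(cmd.split()[:1] == ["sudo"]
               for cmd in re.split(r"&&|\|\||[;|]", args))

def find_sudo_runs(text):
    """Return start lines of RUN instructions that invoke sudo."""
    return [no for no, instr in logical_instructions(text)
            if instr.partition(" ")[0].upper() == "RUN"
            and uses_sudo(instr.partition(" ")[2])]

if __name__ == "__main__":
    print(find_sudo_runs(SAMPLE))
```

A non-empty result can be used to fail the build before the image is produced.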