Violation of Dockerfile best-practice: container run with root user #623

@vikstrom

Description

It's not recommended to run containers with root user. This can be a vector for container escapement. It's recommended to use non-root users.
This can be done by adding a USER statement to the Dockerfile. This issue is present in development and production, but the critical one is production.

This is extra important in this case since /proc appears to be mounted, although as read-only.
https://book.hacktricks.xyz/linux-hardening/privilege-escalation/docker-security/docker-breakout-privilege-escalation/sensitive-mounts
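As an added illustration of the fix suggested above (not code from this project or from the issue author), the script below writes a constructed "before" Dockerfile with no USER instruction next to a corrected one that creates an unprivileged account and switches to it, and includes a small check that reports whether a Dockerfile would still start its process as root. The image and account names are assumptions.

```shell
#!/bin/sh
# Added example: spotting and fixing a Dockerfile that runs as root.
# The Dockerfile contents below are constructed for this illustration.

# Constructed "before" Dockerfile: no USER instruction, so CMD runs as uid 0.
write_root_dockerfile() {
cat > "$1" <<'EOF'
FROM debian:bookworm-slim
COPY app /app
CMD ["/app/server"]
EOF
}

# Constructed "after" Dockerfile: create a system account without a home
# directory, hand it the files it needs, and switch to it before CMD.
write_nonroot_dockerfile() {
cat > "$1" <<'EOF'
FROM debian:bookworm-slim
RUN groupadd --system app && useradd --system --gid app --no-create-home app
COPY --chown=app:app app /app
USER app:app
CMD ["/app/server"]
EOF
}

# dockerfile_final_user FILE
# Prints the user named by the last USER instruction (empty if there is none).
# Docker applies the last USER in the file, so only that one matters; the
# optional ":group" suffix is dropped.
dockerfile_final_user() {
    grep -iE '^[[:space:]]*USER[[:space:]]+' "$1" | tail -n 1 | awk '{print $2}' | cut -d: -f1
}

# dockerfile_runs_as_root FILE
# Succeeds (exit 0) when the container would start as root: no USER
# instruction at all, or a final USER of root / uid 0.
dockerfile_runs_as_root() {
    u=$(dockerfile_final_user "$1")
    case "$u" in
        ""|root|0) return 0 ;;
        *) return 1 ;;
    esac
}

# For an already built image, the same property can be read from its config:
#   docker inspect --format '{{.Config.User}}' IMAGE
# An empty result there means the image will run as root unless --user is given.
```

Run the check in CI against the production Dockerfile so a removed or misplaced USER line fails the build rather than shipping.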
