Ensure the last USER is not root

Error: Last USER is root

Bridgecrew Policy ID: BC_DKR_8
Checkov Check ID: CKV_DOCKER_8
Severity: LOW

Last USER is root


By default, Docker containers run as root, and so does the application running inside the container. This is a major security concern because an attacker who compromises the application running inside the container can gain root access to the Docker host.
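The following Python check is an added example, not Checkov's own implementation of CKV_DOCKER_8: it finds the USER value in effect at the end of a Dockerfile and flags root, including UID 0 and user:group forms, which goes beyond the single case shown on this page. The function names, the constructed SAMPLE Dockerfile and the rule that each FROM resets the user are assumptions of this example.

```python
import re

INSTR_RE = re.compile(r"^\s*(FROM|USER)\s+(\S+)", re.IGNORECASE)

# Constructed sample: the last USER instruction switches back to root.
SAMPLE = """\
FROM base
USER userA
RUN echo building \\
    as userA
USER root
"""

def logical_lines(text):
    """Yield instructions with comment lines dropped and '\\' continuations joined."""
    buf = ""
    for raw in text.splitlines():
        if raw.lstrip().startswith("#"):
            continue
        if raw.rstrip().endswith("\\"):
            buf += raw.rstrip()[:-1] + " "
            continue
        yield buf + raw
        buf = ""
    if buf:
        yield buf

def final_user(text):
    """Return the last USER value in the final build stage, or None if it has none."""
    user = None
    for line in logical_lines(text):
        m = INSTR_RE.match(line)
        if not m:
            continue
        # Assumption: a new FROM resets the user to whatever the base image defines.
        user = None if m.group(1).upper() == "FROM" else m.group(2)
    return user

def check(text):
    """Return 'fail' for root, 'pass' for non-root, 'unset' if no USER applies."""
    user = final_user(text)
    if user is None:
        return "unset"
    name = user.split(":", 1)[0].strip("\"'")  # drop an optional :group suffix
    return "fail" if name in ("root", "0") else "pass"

if __name__ == "__main__":
    print(check(SAMPLE))
```

An "unset" result means the final stage inherits its user from the base image, so the base image has to be checked as well.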

Fix - Buildtime


Remove USER root, or add a USER instruction with a non-root user after it.

FROM base

- USER root
+ USER userA
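Review bot: the added `USER userA` line names an account that nothing in this snippet creates, so unless `base` already contains `userA` the container will fail to start because the user cannot be resolved. Add a step before it that creates the account (for example a `RUN` that adds the user), or switch to a numeric non-zero UID, which needs no passwd entry.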