Last USER is root

Description

The Docker containers by default run with the root privilege and so does the application that runs inside the container. This is a major concern from the security perspective because hackers can gain root access to the Docker host by hacking the application running inside the container.

Fix - Buildtime

Dockerfile

Remove USER root or add a non-root user after.

FROM base

- USER root
+ USER userA