hadolint/DL3002

Last user should not be root.

Property	Value
Severity	Warning
Category	Security
Default	Enabled

Description

Switching to the root USER opens up certain security risks if an attacker gets access to the container. In order to mitigate this, switch back to a non-privileged user after running the commands you need as root.

Examples

Problematic code

FROM busybox
USER root
RUN ...

Correct code

FROM busybox
USER root
RUN ...
USER guest

Reference

hadolint/DL3002

Overview

Security

Correctness

Performance

Style

GPU / CUDA

PHP

PowerShell

Windows

BuildKit Rules

Hadolint Rules

ShellCheck Rules

hadolint/DL3002

Description

Examples

Problematic code

Correct code

Reference

Overview

Security

Correctness

Performance

Style

GPU / CUDA

PHP

PowerShell

Windows

BuildKit Rules

Hadolint Rules

ShellCheck Rules

​Description

​Examples

​Problematic code

​Correct code

​Reference

Description

Examples

Problematic code

Correct code

Reference