A group of straightforward however efficient methods to extend the safety of your Docker containers
These days, Docker has change into some of the widespread methods to deploy functions from improvement to manufacturing.
Nevertheless, each time we run one thing, it is very important maintain the safety of the system in thoughts, whether or not it’s a customary working system or a Docker container.
On this article, we’ll see 5 efficient methods to enhance the safety of your Docker container.
When making a container, the bottom picture is without doubt one of the most important components.
Importing a picture with FROM means importing all of the instructions and definitions outlined within the unique picture.
Every time attainable, use pictures which have been verified by Docker and prioritize these with the best variety of downloads.
In the event you wished to run an internet server immediately in your system, would you give it full privileges?
Most likely not, nevertheless it’s quite common to seek out Docker pictures that run as root.
To scale back the danger of exploitation, all the time observe the precept of least privilege.
Earlier than you begin your software, create a customized person with solely the permissions to run the companies you want.
# Create a brand new group and person app
# with full permission on /app folder
RUN groupadd -r app && useradd -r -g app app && chown -R app:app /app
There are circumstances the place Docker is used to run functions that don’t want to change the…
