Replies: 1 comment
-
|
I guess I look at it inversely; is there any reason to build with privileges? I cant think of anything offhand unless your containerfile needs specific privileges. |
Beta Was this translation helpful? Give feedback.
0 replies
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
Apologies if I have somehow missed the answer to this elsewhere but I can't seem to find one for podman specifically.
When building images using a containerfile, is it still best practice to run as a non root user? E.g. for node npm ci/pythons pip install?
Presumably if so, rather than using userns=keep-id you would instead map it to the non root user created inside?
Does this have security benefits to do it as a non root user, considering root is in fact just your user account anyway outside of the container?
Thanks for your time
Beta Was this translation helpful? Give feedback.
All reactions