zlacker

1. codege+(OP) 2025-12-17 22:00:24
tl;dr: He got hacked but the damage was only restricted to one docker container running Umami (that is built on top of NextJS). Thankfully, he was running the docker container as a non-privileged non-root user which saved him big time considering the fact that the attack surface was limited only within the container and could not access the entire host/filesystem.

Is there ever a reason someone should run a docker container as root?

replies(1): >>d4mi3n+Z1
2. d4mi3n+Z1 2025-12-17 22:12:10
>>codege+(OP)
If you're using the container to manage stuff on the host, it'll likely need to be a process running as root. I think the most common form of this is Docker-in-Docker style setups where a container is orchestrating other containers directly through the Docker socket.
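An added example, not part of the thread or written by either commenter: a small audit over `docker inspect` output that flags the two situations discussed above, containers that start as root and containers that have the Docker socket mounted. The sample JSON is constructed and trimmed to the fields used; the container names are hypothetical.

```python
import json

# Constructed sample in the shape of `docker inspect` output (trimmed to the
# fields used here); container names are hypothetical.
SAMPLE_INSPECT = json.loads("""
[
  {"Name": "/umami", "Config": {"User": "1001:1001"},
   "HostConfig": {"Privileged": false}, "Mounts": []},
  {"Name": "/ci-runner",
   "Config": {"User": ""},
   "HostConfig": {"Privileged": false},
   "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock",
               "Destination": "/var/run/docker.sock", "RW": true}]},
  {"Name": "/legacy-app", "Config": {"User": "0:0"},
   "HostConfig": {"Privileged": true}, "Mounts": []}
]
""")

DOCKER_SOCKETS = {"/var/run/docker.sock", "/run/docker.sock"}


def runs_as_root(user):
    """Config.User is 'user[:group]'; empty means no user was set by the
    image or at run time, so the container process starts as uid 0."""
    uid = (user or "").split(":", 1)[0]
    return uid in ("", "0", "root")


def audit(containers):
    """Return {container name: [findings]} for containers with findings."""
    report = {}
    for c in containers:
        findings = []
        if runs_as_root(c.get("Config", {}).get("User")):
            findings.append("runs-as-root")
        if c.get("HostConfig", {}).get("Privileged"):
            findings.append("privileged")
        if any(m.get("Source") in DOCKER_SOCKETS for m in c.get("Mounts") or []):
            findings.append("docker-socket-mounted")
        if findings:
            report[c["Name"].lstrip("/")] = findings
    return report


if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(f"{name}: {', '.join(findings)}")
```

On a real host, the same function can be fed the parsed JSON from `docker inspect $(docker ps -q)`.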