EquilibrateIT/ansible_wordpress-standalone
0
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Update 'FAQ'

seasharp 2024-09-13 01:49:12 +00:00
parent 36bc35d5ad
commit 9bc17e21fd
1 changed files with 10 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
FAQ.md

@ -1 +1,10 @@
This is the FAQ page.
### Why run non-root containers?
In Linux, each process runs with a UID. Container processes (Docker, Podman, LXC, etc.) run as root, though they may run their containerized service as a non-root user, will still be running as root on their paravirtual host.
This means that, should they be able to leverage privilege escalation exploits or otherwise escape the container, they will end up with control of a process with UID 0 (root).
Non-root containers avoid this privilege escalation path for compromised container runtimes by running as non-root UIDs.
#### Sources
[1] https://eitca.org/cybersecurity/eitc-is-lsa-linux-system-administration/linux-processes/processes-overview/examination-review-processes-overview/what-is-the-difference-between-user-id-uid-and-effective-user-id-euid-in-linux-processes/#:~:text=In%20the%20Linux%20operating%20system,while%20interacting%20with%20system%20resources.