From 9bc17e21fd8f57a6b9787b4a07fd8e75cfb4a822 Mon Sep 17 00:00:00 2001 From: seasharp Date: Fri, 13 Sep 2024 01:49:12 +0000 Subject: [PATCH] Update 'FAQ' --- FAQ.md | 11 ++++++++++- 1 file changed, 10 insertions(+), 1 deletion(-) diff --git a/FAQ.md b/FAQ.md index 9d9942a..40168b1 100644 --- a/FAQ.md +++ b/FAQ.md @@ -1 +1,10 @@ -This is the FAQ page. \ No newline at end of file +### Why run non-root containers? + +In Linux, each process runs with a UID. Container processes (Docker, Podman, LXC, etc.) run as root, though they may run their containerized service as a non-root user, will still be running as root on their paravirtual host. + +This means that, should they be able to leverage privilege escalation exploits or otherwise escape the container, they will end up with control of a process with UID 0 (root). + +Non-root containers avoid this privilege escalation path for compromised container runtimes by running as non-root UIDs. + +#### Sources +[1] https://eitca.org/cybersecurity/eitc-is-lsa-linux-system-administration/linux-processes/processes-overview/examination-review-processes-overview/what-is-the-difference-between-user-id-uid-and-effective-user-id-euid-in-linux-processes/#:~:text=In%20the%20Linux%20operating%20system,while%20interacting%20with%20system%20resources. \ No newline at end of file
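Review bot: the sentence "Container processes (Docker, Podman, LXC, etc.) run as root, though they may run their containerized service as a non-root user, will still be running as root on their paravirtual host." in the first added paragraph is ungrammatical and overstated. A process that is UID 0 inside a container is UID 0 to the host kernel only when no user namespace remaps it (rootless Podman and Docker's userns-remap map container root to an unprivileged host UID), and containers share the host kernel rather than running on a "paravirtual host". Suggest stating it conditionally, e.g. "Unless the runtime remaps UIDs with a user namespace, a process that is UID 0 inside the container is also UID 0 on the host kernel, even if the service it runs later drops to a non-root user." In the next paragraph, "should they be able to leverage privilege escalation exploits" has no clear subject (the preceding sentence is about processes, not an attacker); name the actor. In the fourth paragraph, the path being closed is for a compromised containerized process, not a "compromised container runtime", so that phrase should be corrected. The single source [1] covers only the UID/EUID distinction and does not support the container-escape or UID-mapping claims, so the FAQ answer either needs a citation for those or should not present [1] as its source.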