dockerfile

Verifed by r2c
Community Favorite
Semgrep
Author
1,636
Download Count*

Selected rules from Hadolint, a Dockerfile linter, rewritten in Semgrep.

Run Locally

Rules (6)

profile photo of semgrepsemgrep

By not specifying a USER, a program in the container may run as 'root'. This is a security hazard. If an attacker can control a process running as root, they may have control over the container. Ensure that the last USER in a Dockerfile is a USER other than 'root'.