Fix Semgrep errors in Dockerfile #757

@harishmohanraj

Dockerfile
❯❯❱ dockerfile.security.missing-user-entrypoint.missing-user-entrypoint
By not specifying a USER, a program in the container may run as 'root'. This is a security hazard.
If an attacker can control a process running as root, they may have control over the container.
Ensure that the last USER in a Dockerfile is a USER other than 'root'.
Details: https://sg.run/k281

       ▶▶┆ Autofix ▶ USER non-root ENTRYPOINT []
       [52](https://github.com/airtai/fastagency-studio/actions/runs/11498469001/job/32004340182#step:7:53)┆ ENTRYPOINT []

❯❯❱ dockerfile.security.missing-user.missing-user
By not specifying a USER, a program in the container may run as 'root'. This is a security hazard.
If an attacker can control a process running as root, they may have control over the container.
Ensure that the last USER in a Dockerfile is a USER other than 'root'.
Details: https://sg.run/Gbvn

       ▶▶┆ Autofix ▶ USER non-root CMD [ "/usr/bin/bash", "-c", "./run-server.sh" ]
       [53](https://github.com/airtai/fastagency-studio/actions/runs/11498469001/job/32004340182#step:7:54)┆ CMD [ "/usr/bin/bash", "-c", "./run-server.sh" ]
                       
auth_callout/Dockerfile

❯❯❱ dockerfile.security.missing-user-entrypoint.missing-user-entrypoint
By not specifying a USER, a program in the container may run as 'root'. This is a security hazard.
If an attacker can control a process running as root, they may have control over the container.
Ensure that the last USER in a Dockerfile is a USER other than 'root'.
Details: https://sg.run/k281

       ▶▶┆ Autofix ▶ USER non-root ENTRYPOINT []
       17┆ ENTRYPOINT []

❯❯❱ dockerfile.security.missing-user.missing-user
By not specifying a USER, a program in the container may run as 'root'. This is a security hazard.
If an attacker can control a process running as root, they may have control over the container.
Ensure that the last USER in a Dockerfile is a USER other than 'root'.
Details: https://sg.run/Gbvn

       ▶▶┆ Autofix ▶ USER non-root CMD ["/bin/sh", "-c", "./run-auth-callout.sh"]
       18┆ CMD ["/bin/sh", "-c", "./run-auth-callout.sh"]
