[MXS-3382] provide non-root container Created: 2021-01-22 Updated: 2022-10-03 Resolved: 2021-05-06 |
|
| Status: | Closed |
| Project: | MariaDB MaxScale |
| Component/s: | N/A |
| Affects Version/s: | 2.5 |
| Fix Version/s: | N/A |
| Type: | New Feature | Priority: | Major |
| Reporter: | Richard Stracke | Assignee: | Todd Stoffel (Inactive) |
| Resolution: | Won't Do | Votes: | 0 |
| Labels: | None | ||
| Description |
|
Processes in Docker usually runs as root. If someone is able to break out of the container, he has root permissions on the host. So it was better to initate the start from maxscale-start and monit with a different user as maxscale. Example: |