
Giving `sudo` rights to a user allows privilege escalation attacks

  • GG_ID: GG_IAC_0010
  • Severity: CRITICAL
  • Complexity: LOW
  • Categories: PERMISSION
  • Providers: Docker
  • Potential data exposure: True
  • Visible in logs: False
  • User interaction required: False
  • Privileges required: False

Description

'RUN' should not use 'sudo' as it can lead to unpredictable behavior.

Impact

'sudo' can lead to unpredictable behavior. If sudo is run by a non-root user, that user has been given sudo rights, which is similar to running as root. If sudo is run by root to switch to a non-root user, an exploit exists to run arbitrary code as root.

Remediation guidelines

'USER' can be used to switch users. If functionality similar to sudo is absolutely needed, such as initializing the daemon as root but running it as non-root, consider using 'gosu'.
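
The check this rule describes can be sketched as follows. This is an added example, not the scanner's own implementation or code from the original page; the function names and the sample Dockerfile are constructed for illustration. It flags `RUN` instructions that invoke `sudo` in shell or exec form, including across line continuations and chained commands, while ignoring `sudo` that only appears inside a quoted string.

```python
import json
import re
import shlex

SEPARATORS = {"&&", "||", ";", "|", "&", "("}  # a new command starts after these
FLAGGED = """FROM debian:bookworm
RUN sudo apt-get update && \\
    DEBIAN_FRONTEND=noninteractive sudo apt-get install -y curl
RUN echo "sudo is only mentioned here; not run"
RUN ["/usr/bin/sudo", "-u", "app", "id"]
"""  # constructed sample Dockerfile, not from the page

def logical_lines(dockerfile):
    """Yield (first_line_no, instruction), joining backslash continuations."""
    buf, start = "", 0
    for no, raw in enumerate(dockerfile.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blanks and comments are dropped, even mid-continuation
        start = start if buf else no
        buf += line.rstrip("\\") + " "
        if not line.endswith("\\"):
            yield start, buf.strip()
            buf = ""

def command_words(instr):
    """First word of each command a RUN instruction executes (else [])."""
    m = re.match(r"RUN\s+(.+)", instr, re.I)
    run_args = m.group(1) if m else ""
    if run_args.startswith("["):  # exec form is a JSON array, no shell involved
        try:
            return json.loads(run_args)[:1]
        except ValueError:
            pass  # invalid JSON is treated as shell form
    lexer = shlex.shlex(run_args, posix=True, punctuation_chars=True)
    lexer.whitespace_split = True  # quote-aware split that keeps && ; | as tokens
    words, at_start = [], True
    for tok in lexer:
        if tok in SEPARATORS:
            at_start = True
        elif at_start and not re.match(r"--[\w-]+|\w+=", tok):
            words.append(tok)  # RUN --flags and VAR=value prefixes were skipped
            at_start = False
    return words

def find_sudo(dockerfile):
    """Return [(line_no, instruction)] for RUN instructions that invoke sudo."""
    return [(no, instr) for no, instr in logical_lines(dockerfile)
            if any(str(w).rsplit("/", 1)[-1] == "sudo" for w in command_words(instr))]
```

Calling `find_sudo(FLAGGED)` reports the instructions starting on lines 2 and 5 of the sample. Commands nested inside a string passed to `sh -c` are not inspected by this sketch.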

External documentation