Giving `sudo` rights to a user allows privilege escalation attacks
- GG_ID: GG_IAC_0010
- Severity: CRITICAL
- Complexity: LOW
- Categories: PERMISSION
- Providers: Docker
- Potential data exposure: True
- Visible in logs: False
- User interaction required: False
- Privileges required: False
'RUN' should not use 'sudo' as it can lead to unpredictable behavior.
'sudo' can lead to unpredictable behavior. If sudo is run from a non-root user, it means the user has been given sudo rights which is similar to running as root. If sudo is run from root to a non-root user, an exploit exists to run arbitrary code as root.
'USER' can be used to switch user and if functionalities similar to sudo are absolutely needed, such as initializing the daemon as root but running it as non-root, consider using “gosu”.