
Giving `sudo` rights to a user allows privilege escalation attacks

| Severity | Exploitability | Providers | Categories |
| --- | --- | --- | --- |
| CRITICAL | HIGH | Docker | PERMISSION |

Description

'RUN' should not use 'sudo' as it can lead to unpredictable behavior.

Impact

| Potential data exposure | Visible in logs | User interaction required | Privileges required |
| --- | --- | --- | --- |
| True | False | False | False |

'sudo' can lead to unpredictable behavior. If sudo is run by a non-root user, that user has been given sudo rights, which is similar to running as root. If sudo is run as root to switch to a non-root user, an exploit exists to run arbitrary code as root.

Remediation guidelines

'USER' can be used to switch users. If functionality similar to sudo is absolutely needed, such as initializing a daemon as root but running it as non-root, consider using “gosu”.
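A minimal static check for this rule, as an added example (not the scanner's own implementation): it joins continuation lines and flags 'RUN' instructions, in shell or exec form, whose command chain invokes sudo. The sample Dockerfile is constructed and the function names are hypothetical.

```python
import json
import re

# Constructed sample: two RUN instructions using sudo, then the USER-based equivalent.
SAMPLE_DOCKERFILE = r'''FROM debian:bookworm-slim
RUN apt-get update && \
    sudo apt-get install -y curl
RUN ["sudo", "-u", "app", "/opt/app/setup.sh"]
RUN echo "no sudo needed here"
USER app
RUN /opt/app/setup.sh
'''

def logical_lines(text):
    """Yield (first_line_number, instruction) with '\\' continuations joined."""
    buf, start = "", None
    for num, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blanks and comments
        start = start or num
        buf += line.rstrip("\\") + " "
        if not line.endswith("\\"):
            yield start, buf.strip()
            buf, start = "", None

def run_uses_sudo(args):
    """True if any command in a RUN instruction's arguments starts with sudo."""
    if args.startswith("["):  # exec form: RUN ["sudo", ...]
        try:
            argv = json.loads(args)
            return bool(argv) and str(argv[0]).rsplit("/", 1)[-1] == "sudo"
        except ValueError:
            pass  # e.g. `[ -f x ] && ...` is shell form after all
    # Shell form. Naive split: ignores quoting and RUN --flags (assumption).
    for cmd in re.split(r"&&|\|\||[;|]", args):
        words = cmd.split()
        if words and words[0].rsplit("/", 1)[-1] == "sudo":
            return True
    return False

def find_sudo_runs(text):
    """Return starting line numbers of RUN instructions that invoke sudo."""
    return [num for num, instr in logical_lines(text)
            if instr.upper().startswith("RUN ")
            and run_uses_sudo(instr[4:].strip())]

if __name__ == "__main__":
    print(find_sudo_runs(SAMPLE_DOCKERFILE))
```

On the sample, the two sudo invocations (lines 2 and 4) are reported, while the quoted mention of sudo and the instructions after 'USER' are not.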
