TF 0422 - SymbioticSec/Symbiotic-Vulnerability-Database GitHub Wiki
RUN using 'sudo'
| Property | Value |
|---|---|
| Language | |
| Severity | |
| Vulnerability Type | omission |
Description
Including 'sudo' in RUN instructions within a Dockerfile introduces unnecessary privilege escalation, leading to unpredictable build behavior and inconsistent image states. Docker containers typically execute as root by default, making 'sudo' redundant and potentially problematic.
Impact
Using 'sudo' in Dockerfile RUN commands can cause build failures, security risks, and portability issues. It may mask permission problems, complicate troubleshooting, and open avenues for privilege misuse, potentially resulting in images that behave inconsistently or are vulnerable to privilege escalation attacks.
Resolution
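Don't use 'sudo' in RUN instructions. Because the build already runs as root by default, the commands can be run directly.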
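One way to check a Dockerfile for this finding, as an added example that is not part of the original page or of SymbioticSec's tooling. It is a heuristic rather than a shell parser; the function names and the sample Dockerfile are constructed for illustration, and it assumes the default backslash escape character and no heredoc RUN bodies.

```python
import re

# Constructed sample Dockerfile for this example; not from any real project.
SAMPLE = """\
FROM debian:bookworm
RUN apt-get update && \\
    # comment inside a continued RUN
    sudo apt-get install -y curl
RUN ["sudo", "useradd", "app"]
RUN apt-get install -y sudo && echo "sudo is now installed"
RUN --mount=type=cache,target=/var/cache/apt /usr/bin/sudo apt-get -y upgrade
USER app
"""

EXEC_FORM = re.compile(r'\s*\[\s*"([^"]*/)?sudo"')      # RUN ["sudo", ...]
QUOTED = re.compile(r"'[^']*'|\"(\\.|[^\"\\])*\"")      # shell string literals
# sudo as the first word of a command: at the start or after ; & | ( and
# after any VAR=value assignments or RUN flags such as --mount=...
SHELL_FORM = re.compile(r"(^|[;&|(])\s*(\S+=\S*\s+)*(\S*/)?sudo(\s|$)")

def logical_lines(text):
    """Yield (first_line_no, instruction), joining backslash continuations."""
    buf, start = "", None
    for no, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue                      # blank and comment lines are dropped
        start = start or no
        if line.endswith("\\"):
            buf += line[:-1] + " "
        else:
            yield start, buf + line
            buf, start = "", None

def uses_sudo(body):
    """True if a RUN body starts a command with sudo (quoted text is ignored)."""
    if EXEC_FORM.match(body):
        return True
    return bool(SHELL_FORM.search(QUOTED.sub('""', body)))

def find_sudo_runs(dockerfile_text):
    """Return [(line_no, instruction)] for each RUN that invokes sudo."""
    return [(no, ins) for no, ins in logical_lines(dockerfile_text)
            if re.match(r"(?i)RUN\s", ins) and uses_sudo(ins[3:])]

if __name__ == "__main__":
    for no, ins in find_sudo_runs(SAMPLE):
        print(f"line {no}: {ins}")
```

Installing the sudo package (`apt-get install -y sudo`) or mentioning the word inside a quoted string is not reported, only commands that are actually started through sudo. A command wrapped in a quoted `sh -c "..."` string is not inspected.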