iac/dockerfile/dockerfile-user-root
Container runs as root
medium, Dockerfile, iac-dockerfile
What it detects
The Dockerfile contains no USER directive, so the container's entrypoint runs as UID 0. Any container escape or mounted-volume bug becomes root-equivalent on the host kernel.
Remediation
Add a non-root USER (e.g. `USER 10001` or `USER node`) after installing packages.
How it runs
Runs against Dockerfiles detected by path or basename. The checks are line-based and come with remediation guidance.
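A line-based check of this kind, together with the remediation described above, as an added Python example that is not the rule's own implementation. The sample Dockerfiles are constructed and the function names `effective_user` and `runs_as_root` are hypothetical. It goes beyond the "no USER" case by judging only the final build stage and by treating `USER root` / `USER 0` as root, and it assumes the base image itself defaults to root.

```python
import re

# Constructed sample inputs (not taken from the rule page).
ROOT_DOCKERFILE = """\
FROM debian:bookworm-slim
RUN apt-get update && apt-get install -y --no-install-recommends curl
COPY app /opt/app
ENTRYPOINT ["/opt/app/run"]
"""

FIXED_DOCKERFILE = """\
FROM debian:bookworm-slim
RUN apt-get update && apt-get install -y --no-install-recommends curl \\
    && useradd --uid 10001 --no-create-home appuser
COPY --chown=10001:10001 app /opt/app
USER 10001
ENTRYPOINT ["/opt/app/run"]
"""

MULTISTAGE_DOCKERFILE = """\
FROM golang:1.22 AS build
USER 10001
RUN go build -o /tmp/app ./...
FROM debian:bookworm-slim
COPY --from=build /tmp/app /app
ENTRYPOINT ["/app"]
"""

INSTRUCTION = re.compile(r"^\s*(FROM|USER)\s+(\S+)", re.IGNORECASE)

def effective_user(dockerfile: str):
    """Return the last USER of the final build stage, or None if it has none."""
    user = None
    for line in dockerfile.splitlines():
        m = INSTRUCTION.match(line)
        if not m:
            continue
        if m.group(1).upper() == "FROM":
            # Assumption: every new stage starts as the base image's root user.
            user = None
        else:
            user = m.group(2)
    return user

def runs_as_root(dockerfile: str) -> bool:
    """True when the final stage has no USER, or its last USER is root / UID 0."""
    user = effective_user(dockerfile)
    return user is None or user.split(":")[0].lower() in {"root", "0"}
```

The multi-stage sample is still flagged because a `USER` in the build stage does not carry over to the final image.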
Found a false positive or want this rule tuned? File an issue. You can also suppress per-repo via a .repoguardignore line.