Skip to content

Commit

Permalink
fix: change GID/UID to 10101
Browse files Browse the repository at this point in the history 
This fixes https://bugs.launchpad.net/ubuntu-docker-images/+bug/2068013
Image tag: ubuntu/jre:17-22.04_44
Digest: sha256:7cb8b71a5655da89654ef10704d67b65768de0ca868d3284c1296d03bf6eaa09

The Chiselled Ubuntu for JRE docker image is running with user with uid 101. It raises a security issue when analyzing the image with a security tool because it might cause a conflict with the host user table (see https://kubesec.io/basics/containers-securitycontext-runasuser/ for more details)

To fix this, the uid must be greater than 10000.
  • Loading branch information
@vpa1977
vpa1977 committed Oct 3, 2024
1 parent cbd9db0 commit 9f7bb8f
Showing 1 changed file with 2 additions and 2 deletions.
4 changes: 2 additions & 2 deletions jre/Dockerfile.22.04
View file
Original file line number Diff line number Diff line change
@@ -1,8 +1,8 @@
ARG UBUNTU_RELEASE=22.04
ARG USER=app
ARG UID=101
ARG UID=10101
ARG GROUP=app
ARG GID=101
ARG GID=10101
ARG CHISEL_VERSION=0.10.0

FROM public.ecr.aws/ubuntu/ubuntu:$UBUNTU_RELEASE@sha256:1582c29f34a48752e406f1a261fe9545fad895da3f6bb4be55bc82485557564e AS builder
Expand Down

0 comments on commit 9f7bb8f

Please sign in to comment.