What security best practices are there regarding containers?
Answer
- Install only the necessary packages in the container
- Don't run containers as root when possible
- Don't mount the Docker daemon unix socket into any of the containers
- Set volumes and the container's filesystem to read-only
- DO NOT run containers with the --privileged flag