DEV Community

Discussion on: Top 8 Docker Best Practices for using Docker in Production ✅

wizardlizardroy profile image
Roy Ben-Yosef

For example, let's say you followed the advice for not using root. But now you have something bad in your container that wants to gain local privilege escalation (e.g. through some vulnerability take over the host). Oftentimes, local tools may contain vulnerabilities that can allow such lpe.
So yes, I think that is a really good example for reducing attack surface.