
Building rootless containers for JavaScript front ends
By default, most containers are run as the root user. It is much easier to install dependencies, edit files, and run processes on restricted ports when they run as root. As is usually the case in computer science, though, simplicity comes at a cost. In this case, containers run as root are more vulnerable to malicious code and attacks. To avoid those potential security gaps, Red Hat OpenShift won’t let you run containers as a root user. This restriction adds a layer of security and isolates the containers.
Continue reading Building rootless containers for JavaScript front ends