security: default to non-privileged chainlink user in Dockerfile#21348
Closed
R-Panic wants to merge 1 commit intosmartcontractkit:developfrom
Closed
security: default to non-privileged chainlink user in Dockerfile#21348R-Panic wants to merge 1 commit intosmartcontractkit:developfrom
R-Panic wants to merge 1 commit intosmartcontractkit:developfrom
Conversation
- Changed default CHAINLINK_USER from 'root' to 'chainlink' in core/chainlink.Dockerfile - Changed default CHAINLINK_USER from 'root' to 'chainlink' in plugins/chainlink.Dockerfile - Users who need root can still override the ARG - Follows security best practice of principle of least privilege - Secure by default for container deployments Fixes smartcontractkit#21005
product-security-plaid-production
bot
requested review from
erikburt and
vyzaldysanchez
|
Hi team, I'll update the Dockerfile to use a non-privileged chainlink user for better security. This follows security best practices. Please assign! |
Collaborator
|
The official images that we publish run as non-root, as we pass an appropriate parameter for the For example: chainlink/.github/workflows/build-publish.yml Lines 106 to 107 in 503492d |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
3 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Fixes #21005
Summary
Improved Docker security by defaulting to a non-privileged
chainlinkuser instead ofroot. This follows the principle of least privilege and represents secure-by-default configuration for container deployments.Changes
Updated both official Chainlink Dockerfiles:
core/chainlink.Dockerfile- main production Dockerfileplugins/chainlink.Dockerfile- experimental/testing DockerfileChanged default
CHAINLINK_USERargument from:To:
Impact
--build-arg CHAINLINK_USER=rootCHAINLINK_USER != rootTesting
The existing Dockerfile logic handles this change correctly:
RUN if [ ${CHAINLINK_USER} != root ]; then useradd --uid 14933 --create-home ${CHAINLINK_USER}; fiWhen
CHAINLINK_USER=chainlink, the container will:chainlinkuser with UID 14933USER ${CHAINLINK_USER}Security Rationale
Running containers as root by default violates security best practices: