CIS Docker 1.11.0 V1.0.0 L2 Docker

Do not docker exec commands with user option

Details

Do not run docker exec with the --user option. The --user option makes docker exec run the command inside the container as the specified user. This can be insecure and unsafe, especially when you are running containers with dropped capabilities or with enhanced restrictions.

For example, if your container is running as the tomcat user (or any other non-root user), the --user=root option makes it possible to run a command through docker exec as root. This could potentially be dangerous.

Solution

Do not use the --user option in docker exec commands.

Impact: None.

Default Value: By default, the docker exec command runs without the --user option.
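
One way to audit for this control, as an added example that is not part of the CIS text or the original page: the Python code below scans shell-history style command lines for docker exec calls that pass -u/--user, inspecting only the options that appear before the container name. The sample lines, the container name web and the function names are constructed for illustration.

```python
import shlex

# docker exec options that take a value (as the next token or after "=").
VALUE_LONG = {"--detach-keys", "--env", "--env-file", "--user", "--workdir"}
VALUE_SHORT = {"e", "u", "w"}

def exec_user(command_line):
    """Return the -u/--user value of a `docker exec` call, or None if not set."""
    try:
        tokens = shlex.split(command_line)
    except ValueError:  # unbalanced quotes: not parseable as a command line
        return None
    for i in range(len(tokens) - 1):
        if tokens[i].rsplit("/", 1)[-1] == "docker" and tokens[i + 1] == "exec":
            break
    else:
        return None
    args = iter(tokens[i + 2:])
    for tok in args:
        # First non-option token is the container name; the rest runs inside it.
        if not tok.startswith("-") or tok in ("-", "--"):
            return None
        if tok.startswith("--"):
            name, eq, value = tok.partition("=")
            if name in VALUE_LONG:
                value = value if eq else next(args, "")
                if name == "--user":
                    return value
            continue
        flags = tok[1:]  # short option cluster such as -it, -uroot or -itu
        for pos, ch in enumerate(flags):
            if ch in VALUE_SHORT:
                value = flags[pos + 1:].lstrip("=") or next(args, "")
                if ch == "u":
                    return value
                break
    return None

def audit(lines):
    """Return (line_number, user, is_root) for each docker exec that sets a user."""
    found = ((n, exec_user(line)) for n, line in enumerate(lines, start=1))
    return [(n, u, u.split(":")[0] in ("root", "0")) for n, u in found if u is not None]

# Constructed sample input (not real logs); entries are numbered in list order.
SAMPLE = [
    "docker exec -it web /bin/sh", "docker exec --user=root web id",
    "sudo docker exec -itu 0 web id", "docker exec web ls -u /tmp",
    "docker exec -e MODE=-u web env", "docker exec -u tomcat web whoami",
]
```

Calling audit(SAMPLE) reports entries 2, 3 and 6; the -u in entries 4 and 5 belongs to ls and to an environment value, so those are not flagged.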

Supportive Information

This control applies to the following type of system: Unix.

Updated on July 16, 2022