Simply using the "USER <uid/uname>" directory means you run as non-root user with a specified UID. Kubernetes recommends doing that as a baseline security measure. You can also drop caps from a container so even if you are root inside, you can't do a lot of things root can.
Simply using the "USER <uid/uname>" directory means you run as non-root user with a specified UID. Kubernetes recommends doing that as a baseline security measure. You can also drop caps from a container so even if you are root inside, you can't do a lot of things root can.