# Docker User and File Permissions

- ID: docker-user-permissions
- Severity: HIGH
- CWE: CWE-250
- Languages: Dockerfile
- Frameworks: docker

## Description

Detects an explicit root user and overly permissive chmod 777 permissions.

## Detection Message

Dockerfile contains {issue_type}: {details}

## Remediation

Use a non-root user and restrictive file permissions.

```dockerfile
RUN adduser -D appuser
USER appuser
```

Learn more: https://shoulder.dev/learn/docker/cwe-250/user-permissions

## Related Rules

- **Container runs as root** [HIGH]:
- **Privilege Escalation Allowed** [HIGH]:
- **Dangerous Linux Capabilities Added** [CRITICAL]:
- **Host Namespace Access Enabled** [CRITICAL]:
- **Missing Capability Restrictions** [MEDIUM]:
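A sketch of the check described under Description, added here as an illustration and not the rule's own implementation. The regex scope (`USER root`/`USER 0`, `chmod 777`/`0777`, `--chmod=777`), the names `logical_lines` and `scan`, and the sample Dockerfile are assumptions; the message template is the one from the Detection Message section.

```python
import re

# Message template from the rule's "Detection Message" section.
msg = "Dockerfile contains {issue_type}: {details}".format
# Assumed matching scope: USER root or USER 0, with an optional :group suffix.
ROOT_USER = re.compile(r"^USER\s+(?:root|0)(?::\S+)?$", re.IGNORECASE)
# Assumed matching scope: chmod [flags] 777/0777, or COPY/ADD --chmod=777.
CHMOD_777 = re.compile(r"chmod(?:\s+-\S+)*\s+0?777\b|--chmod=0?777\b")

# Constructed sample input, not taken from a real project.
SAMPLE = """\
FROM alpine:3.19
# build steps
USER root
RUN mkdir /app && \\
    chmod -R 777 /app
COPY --chmod=755 run.sh /app/run.sh
RUN adduser -D appuser
USER appuser
"""

def logical_lines(text):
    """Yield (first_line_number, instruction), joining backslash continuations."""
    parts, start = [], None
    for num, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments never form an instruction
        start = start or num
        if line.endswith("\\"):
            parts.append(line[:-1].strip())
            continue
        yield start, " ".join(parts + [line])
        parts, start = [], None

def scan(text):
    """Return (line_number, message) findings in file order."""
    findings = []
    for num, instr in logical_lines(text):
        if ROOT_USER.match(instr):
            findings.append((num, msg(issue_type="explicit root user", details=instr)))
        hit = CHMOD_777.search(instr)
        if hit:
            findings.append((num, msg(issue_type="chmod 777", details=hit.group(0))))
    return findings

if __name__ == "__main__":
    for num, message in scan(SAMPLE):
        print(f"line {num}: {message}")
```

Findings are reported at the first line of a continued `RUN` instruction, and `--chmod=755` in the sample is left alone because only mode 777 is in scope.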