https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/docker-hardening/m-p/529422#M1751 <P>I think the second configuration is for exceptions where the container doesn't support non root users. You basically set all python 3 docker images to run as root</P> <P>&nbsp;</P> Wed, 01 Feb 2023 08:04:50 GMT EnesOzdemir 2023-02-01T08:04:50Z https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/docker-hardening/m-p/518826#M1309 <P>Hello,</P> <P>&nbsp;</P> <P>I followed this docker hardening documentation to harden the docker containerzied environment for Cortex XSOAR solutin.&nbsp;</P> <P>&nbsp;</P> <P>I added the first server configuration key as this (<SPAN>docker.run.internal.asuser = true), and reset docker containers then issue this command (!py script="import os;print(os.getuid())") to validate if docker currently run under non root user, and it returns 999 which is good.</SPAN></P> <P>&nbsp;</P> <P><SPAN>But after i added the second configuration key mentioned in the document as this (docker.run.internal.asuser.ignore=demisto/python3:,demisto/python:), and repeat the same process to confirm user, it returned (0) this time.&nbsp;</SPAN></P> <P>&nbsp;</P> <P><SPAN>So i'm just wondering if this is normal of have i made a mistake while adding the second key.</SPAN></P> <P>&nbsp;</P> <P><SPAN>Thanks,</SPAN></P> <P><SPAN>Ahmed Saeed</SPAN></P> Sat, 22 Oct 2022 10:10:54 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/docker-hardening/m-p/518826#M1309 Amado.Saeeed 2022-10-22T10:10:54Z https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/docker-hardening/m-p/518828#M1310 <P>&nbsp;I ran the final hardening check script, and this is the output</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="AmadoSaeeed_0-1666436252839.png" style="width: 400px;"><img src="https://live.paloaltonetworks.com/t5/image/serverpage/image-id/44823i2F00FB63ECACA00C/image-size/medium/is-moderation-mode/true?v=v2&amp;px=400" role="button" title="AmadoSaeeed_0-1666436252839.png" alt="AmadoSaeeed_0-1666436252839.png" /></span></P> <P>&nbsp;</P> Sat, 22 Oct 2022 10:58:01 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/docker-hardening/m-p/518828#M1310 Amado.Saeeed 2022-10-22T10:58:01Z https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/docker-hardening/m-p/529422#M1751 <P>I think the second configuration is for exceptions where the container doesn't support non root users. You basically set all python 3 docker images to run as root</P> <P>&nbsp;</P> Wed, 01 Feb 2023 08:04:50 GMT https://live.paloaltonetworks.com/t5/cortex-xsoar-discussions/docker-hardening/m-p/529422#M1751 EnesOzdemir 2023-02-01T08:04:50Z