How do I fix 'COPY without --chown' warnings?

The skill suggests adding the --chown=user:group flag to your COPY instructions to ensure files are owned by the non-root application user.

Does this skill help with volume mount issues?

Yes, it identifies UID/GID mismatches between the host and container that often cause read/write failures when mounting local source code.

Why is it dangerous to run Docker containers as root?

Running as root allows a process that escapes the container to potentially have administrative access to the host machine, posing a major security risk.

Can it distinguish between Alpine and Debian images?

Yes, it provides specific remediation patterns and commands tailored for both Alpine (BusyBox) and Debian (shadow) environment conventions.

What does the check-docker-user-permissions skill do?

It scans your Dockerfiles and Docker Compose files to find security risks like root access, incorrect file ownership, and unsafe permissions.

Docker Permission Auditor

Name: Docker Permission Auditor
Author: dykyi-roman

bydykyi-roman

•

배포 및 DevOps

Audits Docker configurations to detect security risks related to user permissions, file ownership, and unsafe filesystem access.

The Docker Permission Auditor is a specialized skill designed to harden containerized environments, particularly for PHP applications. It scans Dockerfiles and Docker Compose manifests to identify critical vulnerabilities such as containers running as root, improper file ownership during build stages, and overly permissive directory access (chmod 777). By providing clear remediation steps for both Alpine and Debian distributions, it ensures your infrastructure follows security best practices and avoids common runtime permission conflicts.

주요 기능

01Scans for dangerous world-writable permissions (chmod 777)

02Detects root execution risks and missing USER instructions

0345 GitHub stars

04Identifies improper file ownership in COPY and multi-stage builds

05Recommends read-only filesystem configurations and tmpfs optimization

06Analyzes volume mounts for host/container UID and GID mismatches

사용 사례

01Hardening PHP application containers for production deployment

02Debugging permission denied errors in local development environments

03Automating security audits within Docker-based CI/CD pipelines

What are Skills?·How to Install

Install with 🐟 Skill.Fish

npx skillfish add dykyi-roman/awesome-claude-code check-docker-user-permissions

For use in Claude.ai and ChatGPT

Download Skill