The article explains that software on a server should be installed using the root account to place executables in system directories, while the actual processes should run under a non‑root user to limit privileges, and provides practical tips for configuring file permissions and avoiding security risks.
This article shares practical experience on converting business containers to run without root privileges, covering the importance of non‑root execution, essential security concepts, Dockerfile USER settings, entrypoint scripts, handling machine‑UUID access, and concrete examples for CoreDNS, Consul, MySQL, Redis, etc.
This article explains why running business containers without root privileges is essential for security, outlines the necessary background and risks, and provides detailed step‑by‑step methods, Dockerfile snippets, entrypoint scripts, and real‑world examples for MySQL, Redis, CoreDNS, Consul, and cAdvisor to achieve safe non‑root container deployments.
This guide explains essential Docker security practices—including running containers as non‑root users, employing private registries, minimizing image size, using multi‑stage builds, and enabling Docker Content Trust—to reduce attack vectors and protect containerized applications.
This article introduces the Xposed framework, explains its architecture and root‑based installation process, then explores alternative non‑root implementation methods using sandbox virtualization and Java hook techniques, detailing dual‑app virtualization, framework migration, and practical code examples for running Xposed modules on unrooted Android devices.
This article demonstrates how to automatically enable USB debugging on a non‑root Android phone after reboot by installing a high‑permission app that uses an AccessibilityService to detect the debug state, launch the developer options, and simulate user interactions to toggle the setting.
