user3732317

Reputation: 253

Running Spring Boot app as service using root account

The Spring Boot documentation recommends not managing a Spring Boot service as the root user. https://docs.spring.io/spring-boot/docs/current-SNAPSHOT/reference/html/deployment-install.html#deployment-service

What are some of the issues I might face if I start/stop my Spring Boot service as the root user?

/etc/init.d/myapp start

Upvotes: 0

Views: 1730

Answers (2)

Frans Henskens

Reputation: 154

If you run your Spring Boot app as the root user, and your code or code in any of the libraries you rely on contains a remote code execution vulnerability, the code it remotely executes will be run as root.

Generally speaking, it's good to put a few barriers up between a hacker and root.

Upvotes: 1

user2994884

Reputation: 163

This is the practice for any non-system process/service. Ask yourself: Why would Spring Boot need to run as root, with unlimited permissions?

Instead, create a separate user to run services like this, which has the privileges necessary for functionality, and nothing more.

It really is just a matter of security.

Upvotes: 1
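The separate-user advice in both answers can be checked on a host. The following is an added example, not code from this thread or from Spring Boot. It assumes an init.d install as described in the documentation linked in the question, where the launch script started by root runs the application, by default, as the owner of the jar file. The account name `myapp` and the sample modes are constructed.

```shell
#!/bin/sh
# Added example. Account names and modes below are constructed, not from a real host.

# True when an octal permission digit includes the write bit.
has_write() { case $1 in 2|3|6|7) return 0 ;; *) return 1 ;; esac; }

# check_owner_mode OWNER MODE
#   OWNER: user owning the jar; MODE: octal bits as printed by stat (e.g. 500).
#   Prints findings; returns 0 if clean, 1 on any finding, 2 on bad input.
check_owner_mode() {
    owner=$1 mode=$2 rc=0
    case $mode in ''|*[!0-7]*) echo "ERROR bad mode '$mode'"; return 2 ;; esac

    # Started by root, the init.d launch script runs the JVM as the jar's owner,
    # so a root-owned jar means any flaw in the app executes as root.
    if [ "$owner" = "root" ]; then
        echo "FAIL jar owned by root: the application runs as root"; rc=1
    fi

    # Keep the last three octal digits: user, group, other.
    mode="000$mode"; last3=${mode#"${mode%???}"}
    u=${last3%??}; g=${last3#?}; g=${g%?}; o=${last3#??}

    if has_write "$g" || has_write "$o"; then
        echo "FAIL jar writable by group or other: another account can replace the code"; rc=1
    fi
    if has_write "$u"; then
        echo "WARN jar writable by its owner: a compromised app can rewrite itself"; rc=1
    fi
    if [ "$rc" -eq 0 ]; then echo "OK owner=$owner mode=$last3"; fi
    return "$rc"
}

# audit_jar PATH: read owner and mode from disk (GNU stat syntax), then check them.
audit_jar() {
    info=$(stat -c '%U %a' "$1") || return 2
    check_owner_mode "${info% *}" "${info#* }"
}

# Constructed samples: "owner mode" pairs as stat would report them.
for sample in "root 755" "myapp 775" "myapp 500"; do
    echo "== $sample"
    check_owner_mode "${sample% *}" "${sample#* }" || true
done
```

On a real host, call `audit_jar` with the path of the installed jar; the `stat -c` format is GNU coreutils syntax.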
