fix: run Docker container as non-root user (closes #34)

- Switch to gcr.io/distroless/cc-debian12:nonroot - Add explicit USER 65534:65534 directive - Add Docker security CI job verifying non-root UID, :nonroot base, and USER directive - Document CIS Docker Benchmark compliance in SECURITY.md - Add tests and edge cases for container security
2026-02-14 13:16:33 -05:00 · 2026-02-14 13:16:33 -05:00 · 76074cb789
commit 76074cb789
parent cc08f4bfff
14 changed files with 2270 additions and 168 deletions
--- a/SECURITY.md
+++ b/SECURITY.md
@ -61,3 +61,33 @@ cargo test -- tools::shell
 cargo test -- tools::file_read
 cargo test -- tools::file_write
 ```
+
+## Container Security
+
+ZeroClaw Docker images follow CIS Docker Benchmark best practices:
+
+| Control | Implementation |
+|---------|----------------|
+| **4.1 Non-root user** | Container runs as UID 65534 (distroless nonroot) |
+| **4.2 Minimal base image** | `gcr.io/distroless/cc-debian12:nonroot` — no shell, no package manager |
+| **4.6 HEALTHCHECK** | Not applicable (stateless CLI/gateway) |
+| **5.25 Read-only filesystem** | Supported via `docker run --read-only` with `/workspace` volume |
+
+### Verifying Container Security
+
+```bash
+# Build and verify non-root user
+docker build -t zeroclaw .
+docker inspect --format='{{.Config.User}}' zeroclaw
+# Expected: 65534:65534
+
+# Run with read-only filesystem (production hardening)
+docker run --read-only -v /path/to/workspace:/workspace zeroclaw gateway
+```
+
+### CI Enforcement
+
+The `docker` job in `.github/workflows/ci.yml` automatically verifies:
+1. Container does not run as root (UID 0)
+2. Runtime stage uses `:nonroot` variant
+3. Explicit `USER` directive with numeric UID exists