Hardening Security for Ownerless Files

Due to inconsistencies between the official Docker image environment and the OS on a physical machine, user mappings may not align, which can result in files generated during the running of the physical machine or container becoming unowned.

You can run the find / -nouser -o -nogroup command to search for ownerless files in a container or on a physical machine. Then, create users and user groups based on the UIDs and GIDs of the files, or change the UIDs of existing users or GIDs of user groups to assign file owners, to prevent security risks caused by ownerless files.