Skip to content

Security: CLIN42/mq-container

Security

docs/security.md

Security

Container runtime

User

The MQ server image is run using with UID 1001, though this can be any UID, with a fixed GID of 0 (root).

Capabilities

The MQ Advanced image requires no Linux capabilities, so you can drop any capabilities which are added by default. For example, in Docker you could do the following:

docker run \
  --cap-drop=ALL \
  --env LICENSE=accept \
  --env MQ_QMGR_NAME=QM1 \
  --detach \
  ibm-mqadvanced-server:9.4.0.5-amd64

There aren’t any published security advisories