From 7e3ecaf17dd917011dd3c7fe5ede83e6a1583b13 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20Sj=C3=B6gren?=
 <konstruktoid@users.noreply.github.com>
Date: Wed, 13 Feb 2019 14:58:34 +0100
Subject: [PATCH] catch root with uid and name as well #358 CVE-2019-5736
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

Signed-off-by: Thomas Sjögren <konstruktoid@users.noreply.github.com>
---
 tests/4_container_images.sh | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/tests/4_container_images.sh b/tests/4_container_images.sh
index 165b5e2..94e2697 100644
--- a/tests/4_container_images.sh
+++ b/tests/4_container_images.sh
@@ -49,7 +49,7 @@ check_4_1() {
     for c in $containers; do
       user=$(docker inspect --format 'User={{.Config.User}}' "$c")
 
-      if [ "$user" = "User=" ] || [ "$user" = "User=[]" ] || [ "$user" = "User=<no value>" ]; then
+      if [ "$user" = "User=0" ] || [ "$user" = "User=root" ] || [ "$user" = "User=" ] || [ "$user" = "User=[]" ] || [ "$user" = "User=<no value>" ]; then
         # If it's the first container, fail the test
         if [ $fail -eq 0 ]; then
           warn "$check_4_1"