Container security profiles

Evidence-backed minimum-security profiles for container images — the capabilities and read-only-filesystem config each image actually needs, derived by drop-test and live eBPF observation (container-sec-derive) and consumed by compose-lint as fix-guidance enrichment.

33 validated profiles. Every profile is digest-pinned, backed by a committed workload, and carries its full derivation evidence — click through for the drop-test table, recorded invocation, and validation criteria. Confidence: high = the workload deterministically exercises the derived surface; moderate = the image's feature surface is larger than any workload can bound — read the criteria for what's covered. Missing an image? Request a profile.

Pin column — pin current the pinned digest still matches the tag's latest published digest; pin stale upstream republished the tag, re-derivation pending; pin unchecked registry not queried. Tracks digest drift on the pinned tag, not whether a newer version tag exists. Checked 2026-07-17.

ImageTagsDerived minimum (per dimension) ValidatedPin
codeberg.org/forgejo/forgejo15
capabilities — cap_drop: ALL + cap_add: CHOWN, DAC_OVERRIDE, NET_BIND_SERVICE, SETGID, SETUID, SYS_CHROOT high
filesystem — not yet derived
2026-07-16pin current
docker.io/adguard/adguardhomev0.107.78
capabilities — cap_drop: ALL + cap_add: DAC_OVERRIDE, NET_BIND_SERVICE moderate
filesystem — read_only: true, no tmpfs high
2026-07-16pin current
docker.io/binwiederhier/ntfyv2.14.0
capabilities — cap_drop: ALL + cap_add: NET_BIND_SERVICE high
filesystem — read_only: true, no tmpfs high
2026-07-16pin current
docker.io/grafana/alloyv1.16.2
capabilities — cap_drop: ALL (no cap_add) moderate
filesystem — read_only: true, no tmpfs high
2026-07-16pin current
docker.io/grafana/grafana13.0.2
capabilities — cap_drop: ALL (no cap_add) high
filesystem — read_only: true, no tmpfs moderate
2026-07-16pin current
docker.io/grafana/loki3.7.2
capabilities — cap_drop: ALL (no cap_add) high
filesystem — read_only: true, no tmpfs high
2026-07-16pin current
docker.io/jellyfin/jellyfin10.11
capabilities — cap_drop: ALL (no cap_add) high
filesystem — read_only: true, no tmpfs high
devices — devices moderate
2026-07-16pin current
docker.io/library/caddy2
capabilities — cap_drop: ALL + cap_add: NET_BIND_SERVICE high
filesystem — read_only: true, no tmpfs high
2026-07-17pin current
docker.io/library/eclipse-mosquitto2.0
capabilities — cap_drop: ALL + cap_add: SETGID, SETUID high
filesystem — read_only: true, no tmpfs high
2026-07-16pin current
docker.io/library/haproxy3.2
capabilities — cap_drop: ALL (no cap_add) high
filesystem — read_only: true, no tmpfs high
2026-07-16pin current
docker.io/library/httpd2.4
capabilities — cap_drop: ALL + cap_add: NET_BIND_SERVICE, SETGID, SETUID high
filesystem — read_only: true + tmpfs: /usr/local/apache2/logs high
2026-07-16pin current
docker.io/library/mariadb11.4
capabilities — cap_drop: ALL + cap_add: SETGID, SETUID high
filesystem — read_only: true + tmpfs: /run/mysqld, /tmp high
2026-07-16pin current
docker.io/library/memcached1.6
capabilities — cap_drop: ALL (no cap_add) high
filesystem — read_only: true, no tmpfs high
2026-07-16pin current
docker.io/library/mongo8.0
capabilities — cap_drop: ALL + cap_add: SETGID, SETUID high
filesystem — read_only: true + tmpfs: /tmp high
2026-07-16pin current
docker.io/library/mysql8.4
capabilities — cap_drop: ALL + cap_add: DAC_OVERRIDE, SETGID, SETUID high
filesystem — read_only: true + tmpfs: /tmp, /var/run/mysqld high
2026-07-17pin current
docker.io/library/nextcloud32
capabilities — cap_drop: ALL + cap_add: CHOWN, DAC_OVERRIDE, FOWNER, NET_BIND_SERVICE, SETGID, SETUID high
filesystem — read_only: true + tmpfs: /var/run/apache2 high
2026-07-16pin current
docker.io/library/postgres16
filesystem — read_only: true + tmpfs: /run/postgresql high
capabilities — cap_drop: ALL + cap_add: CHOWN, DAC_OVERRIDE, SETGID, SETUID high
2026-07-17pin current
docker.io/library/rabbitmq4.3
capabilities — cap_drop: ALL + cap_add: SETGID, SETUID high
filesystem — not yet derived
2026-07-16pin current
docker.io/library/redis8.2.7
capabilities — cap_drop: ALL + cap_add: SETGID, SETUID high
filesystem — read_only: true, no tmpfs high
2026-07-16pin current
docker.io/library/traefikv3.7
capabilities — cap_drop: ALL + cap_add: NET_BIND_SERVICE high
filesystem — read_only: true, no tmpfs high
2026-07-16pin current
docker.io/library/wordpress6.9
capabilities — cap_drop: ALL + cap_add: CHOWN, DAC_OVERRIDE, FOWNER, NET_BIND_SERVICE, SETGID, SETUID high
filesystem — read_only: true + tmpfs: /var/run/apache2 high
2026-07-16pin current
docker.io/louislam/uptime-kuma2
capabilities — cap_drop: ALL + cap_add: DAC_OVERRIDE, FOWNER moderate
filesystem — read_only: true + tmpfs: /tmp high
2026-07-16pin current
docker.io/minio/minioRELEASE.2025-09-07T16-13-09Z
capabilities — cap_drop: ALL (no cap_add) high
filesystem — read_only: true, no tmpfs high
2026-07-16pin current
docker.io/netdata/netdatav2.10.3
capabilities — cap_drop: ALL + cap_add: DAC_OVERRIDE, SETGID, SETUID, SYS_PTRACE moderate
filesystem — read_only: true + tmpfs: /tmp high
2026-07-17pin current
docker.io/pihole/pihole2026.07.2
capabilities — cap_drop: ALL + cap_add: CHOWN, DAC_OVERRIDE, NET_BIND_SERVICE, SETFCAP, SETGID, SETUID moderate
filesystem — read_only: false, no tmpfs high
2026-07-16pin current
docker.io/prom/prometheusv3.13.1
capabilities — cap_drop: ALL (no cap_add) high
filesystem — read_only: true, no tmpfs high
2026-07-16pin current
docker.io/syncthing/syncthing2.0
capabilities — cap_drop: ALL + cap_add: CHOWN, DAC_OVERRIDE, SETGID, SETUID high
filesystem — read_only: true, no tmpfs high
2026-07-16pin current
docker.io/valkey/valkey9
capabilities — cap_drop: ALL + cap_add: SETGID, SETUID high
filesystem — read_only: true, no tmpfs high
app-tier2026-07-16pin current
docker.io/netdata/netdata
cap_add_validation — cap_add_validation low
capabilities — not yet derived
filesystem — not yet derived
2026-07-16pin unchecked
ghcr.io/gethomepage/homepagev1.13.2
filesystem — read_only: true + tmpfs: /app/.next/cache high
capabilities — not yet derived
2026-07-03pin current
ghcr.io/home-assistant/home-assistant2026.7.1
capabilities — cap_drop: ALL + cap_add: DAC_OVERRIDE moderate
filesystem — read_only: true + tmpfs: /run:exec high
2026-07-16pin current
ghcr.io/immich-app/postgres14-vectorchord0.4.3-pgvectors0.2.0
capabilities — cap_drop: ALL + cap_add: CHOWN, DAC_OVERRIDE, SETGID, SETUID high
filesystem — read_only: true + tmpfs: /etc/postgresql, /var/run/postgresql high
app-tier2026-07-16pin current
ghcr.io/paperless-ngx/paperless-ngx2.18
capabilities — cap_drop: ALL + cap_add: CHOWN, SETGID, SETUID high
filesystem — read_only: true + tmpfs: /run:exec, /tmp high
2026-07-16pin current
quay.io/keycloak/keycloak26.4
capabilities — cap_drop: ALL (no cap_add) high
filesystem — not yet derived
2026-07-16pin current

Reading a profile

A profile is the minimum for the recorded invocation (the run_config block) exercised by the committed workload — not a universal truth about the image. Startup-only needs (a data-dir chown, a root→user privilege drop) are derived by drop-test, which catches what runtime observation is blind to. Read the criteria doc before adopting a profile — and if it breaks your deployment, that's signal: report the mismatch.