Dockerfile rule: Avoid using sudo (#3029)

* Dockerfile rule: Avoid using sudo

* Update extension

* Update no-sudo-in-dockerfile.yaml

* Update no-sudo-in-dockerfile.dockerfile

---------

Co-authored-by: Vasilii Ermilov <inkz@xakep.ru>

dockerfile/security/no-sudo-in-dockerfile.dockerfile

@@ -0,0 +1,21 @@
+# Use an official Ubuntu 20.04 as base image
+FROM ubuntu:20.04
+
+ENV DEBIAN_FRONTEND noninteractive
+
+# ok: no-sudo-in-dockerfile
+RUN apt-get update && apt-get upgrade -y
+
+# ok: no-sudo-in-dockerfile
+RUN apt-get install -y sudo
+
+RUN useradd -ms /bin/bash newuser
+
+RUN echo "newuser ALL=(ALL:ALL) NOPASSWD:ALL" >> /etc/sudoers
+
+USER newuser
+
+# ruleid: no-sudo-in-dockerfile
+RUN sudo apt-get install -y curl
+
+CMD ["echo", "Hello, Docker!"]

dockerfile/security/no-sudo-in-dockerfile.yaml

@@ -0,0 +1,27 @@
+rules:
+- id: no-sudo-in-dockerfile
+  patterns:
+  - pattern: |
+      RUN sudo ...
+  message: >-
+    Avoid using sudo in Dockerfiles. Running processes as a non-root user can help 
+    reduce the potential impact of configuration errors and security vulnerabilities.
+  metadata:
+    category: security
+    technology:
+    - dockerfile
+    cwe: 
+    - 'CWE-250: Execution with Unnecessary Privileges'
+    owasp:
+    - A05:2021 - Security Misconfiguration
+    references:
+    - https://cwe.mitre.org/data/definitions/250.html
+    - https://docs.docker.com/develop/develop-images/dockerfile_best-practices/#user
+    subcategory:
+    - audit
+    likelihood: LOW
+    impact: LOW
+    confidence: HIGH
+  languages:
+  - dockerfile
+  severity: WARNING