
Comment by tryauuum

2 months ago

> I asked why setting permissions was not a sufficient solution.

/etc/passwd is readable by design by every user in Linux. And you have it even inside the containers. If you set permissions to "readable by root only", normal programs won't be able to map user names to IDs and your application might die.

In modern Linux this file doesn't contain any passwords; the only thing the attacker can gain by reading it is learning some usernames.
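
An added example, not part of the comment above: a small audit of the two properties the comment relies on, namely that passwd entries carry only a placeholder in the password field and that the file mode is world-readable but not group- or world-writable. The sample file content, the function names and the finding labels are constructed for illustration.

```python
import stat

# Constructed sample in passwd(5) layout: name:password:UID:GID:GECOS:home:shell
SAMPLE_PASSWD = """\
root:x:0:0:root:/root:/bin/bash
daemon:*:1:1:daemon:/usr/sbin:/usr/sbin/nologin
app:x:1000:1000:App User:/home/app:/bin/sh
legacy:$6$constructedsalt$constructedhash:1001:1001::/home/legacy:/bin/sh
guest::1002:1002::/home/guest:/bin/sh
"""


def classify_password_field(field):
    """Classify the second passwd field (labels are this example's own)."""
    if field == "":
        return "empty"        # no password required to authenticate
    if field == "x":
        return "shadowed"     # real hash is kept in /etc/shadow
    if field.startswith(("*", "!")):
        return "locked"       # no valid hash, password login impossible
    return "inline-hash"      # hash exposed in a world-readable file


def audit_passwd(text):
    """Return (line number, user, issue) for entries that need attention."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip() or line.startswith("#"):
            continue
        parts = line.split(":")
        if len(parts) != 7:
            findings.append((lineno, "?", "malformed"))
            continue
        kind = classify_password_field(parts[1])
        if kind in ("empty", "inline-hash"):
            findings.append((lineno, parts[0], kind))
    return findings


def mode_is_expected(mode):
    """True if readable by everyone and writable by the owner only."""
    perms = stat.S_IMODE(mode)
    return bool(perms & stat.S_IROTH) and not perms & (stat.S_IWGRP | stat.S_IWOTH)


if __name__ == "__main__":
    for finding in audit_passwd(SAMPLE_PASSWD):
        print(finding)
    print(mode_is_expected(0o100644))  # constructed st_mode value
```

To run it against a live system, pass the contents of `/etc/passwd` to `audit_passwd` and `os.stat("/etc/passwd").st_mode` to `mode_is_expected`.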