Add Non-root User #20
Comments
|
That is a good idea! Would you be able to create a little PR implementing this @hbetts ? |
|
@jojomi I've made some modifications and added non-root user as well. I've got the changes on GitLab, what's the best method to get these to you? Should I fork it here on GH and then request a pull? |
|
@avinashmx would you mind submitting a pull request to bring in your changes? Sorry I didn't get a chance to submit a pull request with a non-root user. Got tied up with other things. I'd like to see what additional changes you came up with @avinashmx, as I'm trying to learn best practices around Docker image configurations. |
|
@hbetts Sure, let me fork it on GH, and then merge in changes and submit the pull request. Unfortunately, it's a little muddied as I made a change to allow creation of a new installation as well. |
|
I'll gladly have a look :) |
Docker's Security guide has a Conclusions section that recommends, for added security, configuring a non-root user.
For example, all
nodeimages have anodeuser that can be accessed by passing--user nodetodocker run.Some background on Docker security best practices - https://groups.google.com/forum/#!msg/docker-user/e9RkC4y-21E/JOZF8H-PfYsJ
The text was updated successfully, but these errors were encountered: