Update Dockerfile to run process as non-privileged user. (#3709)

pull/3711/head
asimons04 2023-07-24 09:51:51 -04:00 committed by GitHub
parent 102124b6d2
commit 13a866aeb0
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions

View File

@ -37,4 +37,9 @@ RUN apk add --no-cache libpq
# Copy resources
COPY --from=builder /app/lemmy_server /app/lemmy
# Create non-privileged user
RUN adduser -h /app -s sh -S -u 1000 lemmy
RUN chown -R lemmy /app
USER lemmy
CMD ["/app/lemmy"]