From cd93fe8708a08af7ad2b4089659f805ce672aab9 Mon Sep 17 00:00:00 2001 From: Matthew Northcott Date: Wed, 29 Mar 2023 16:41:46 +1300 Subject: [PATCH] Run backend as non-root user --- backend/Dockerfile | 10 ++++++---- 1 file changed, 6 insertions(+), 4 deletions(-) diff --git a/backend/Dockerfile b/backend/Dockerfile index d46ec77..7850a65 100644 --- a/backend/Dockerfile +++ b/backend/Dockerfile @@ -7,10 +7,12 @@ RUN apt update \ && rm -rf /var/lib/apt/lists/* \ && apt clean -COPY ./requirements.txt /app/requirements.txt - -RUN pip install -U --no-cache-dir -r requirements.txt - COPY . /app +RUN pip install -U --no-cache-dir -r requirements.txt && \ + useradd -Mu 1000 righttree && \ + chown -R righttree:righttree /app + ENV DJANGO_SETTINGS_MODULE="right_tree.settings" + +USER righttree