From: asimons04 <69986579+asimons04@users.noreply.github.com>
Date: Mon, 24 Jul 2023 13:51:51 +0000 (-0400)
Subject: Update Dockerfile to run process as non-privileged user. (#3709)
X-Git-Url: http://these/git/%22https:/nerdica.net/%24%7B%60data:application/manifest%20json;base64%2C%24%7Bawait?a=commitdiff_plain;h=13a866aeb0c24f20ed18ab40c0ea5616ef910676;p=lemmy.git

Update Dockerfile to run process as non-privileged user. (#3709)
---

diff --git a/docker/Dockerfile b/docker/Dockerfile
index e81d9d0c..02c2e572 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -37,4 +37,9 @@ RUN apk add --no-cache libpq
 # Copy resources
 COPY --from=builder /app/lemmy_server /app/lemmy
 
+# Create non-privileged user
+RUN adduser -h /app -s sh -S -u 1000 lemmy
+RUN chown -R lemmy /app
+USER lemmy
+
 CMD ["/app/lemmy"]