From 13a866aeb0c24f20ed18ab40c0ea5616ef910676 Mon Sep 17 00:00:00 2001
From: asimons04 <69986579+asimons04@users.noreply.github.com>
Date: Mon, 24 Jul 2023 09:51:51 -0400
Subject: [PATCH] Update Dockerfile to run process as non-privileged user.
 (#3709)

---
 docker/Dockerfile | 5 +++++
 1 file changed, 5 insertions(+)

diff --git a/docker/Dockerfile b/docker/Dockerfile
index e81d9d0c..02c2e572 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -37,4 +37,9 @@ RUN apk add --no-cache libpq
 # Copy resources
 COPY --from=builder /app/lemmy_server /app/lemmy
 
+# Create non-privileged user
+RUN adduser -h /app -s sh -S -u 1000 lemmy
+RUN chown -R lemmy /app
+USER lemmy
+
 CMD ["/app/lemmy"]
-- 
2.44.1