Browse Source

docker: run as non-root user by default

tags/v3.4.0
cn 2 weeks ago
committed by Christian Nicolai
parent
commit
6374837156
  1. 6
      CHANGELOG.md
  2. 6
      docker/Dockerfile

6
CHANGELOG.md

@ -1,5 +1,11 @@
# Changelog
## 3.4.0 (April 2, 2021)
IMPROVEMENTS:
- **change** Docker image to run as non-root user `65534` by default, limits attack surface for security and gives OpenShift compatibility
## 3.3.3 (April 1, 2021)
OTHER:

6
docker/Dockerfile

@ -12,4 +12,10 @@ RUN apk --no-cache add openssl ca-certificates && \
cp /usr/share/zoneinfo/Europe/Berlin /etc/localtime && \
apk del .build-deps
# Follow the principle of least privilege: run as unprivileged user.
# Running as non-root enables running this image in platforms like OpenShift
# that do not allow images running as root.
# User ID 65534 is usually user 'nobody'.
USER 65534
ENTRYPOINT ["dyndnsd", "/etc/dyndnsd/config.yml"]
Loading…
Cancel
Save