search

PierreZ / goStatic

A really small static web server for Docker
GNU General Public License v2.0
391 stars 77 forks source link

Un-priveledged user #21

Closed solaris765 closed 4 years ago

solaris765 commented 4 years ago

I'm not too experienced with 'FROM scratch' images with Docker yet. And correct me if I'm wrong, but wouldn't this run as root in its current state?

And would you except a PR that adds an un-privileged user to the build?

PierreZ commented 4 years ago

Hi @solaris765!

Just checked it by running a dummy goStatic:

docker top da453ae04fed
PID                 USER                TIME                COMMAND
2249                root                0:00                /goStatic

As you have guessed, process is launched as root in it's current state. I would love a PR to fix that!

I found some blogposts to add a user to the scratch base image, that may be useful to you.

Happy hacking! Pierre

solaris765 commented 4 years ago

Let me know if you'd like me to change anything! I tried to keep the build steps as low as possible and maintain the current project structure as best I could.