search

gristlabs / grist-core

Grist is the evolution of spreadsheets.
https://www.getgrist.com/
Apache License 2.0
6.98k stars 310 forks source link

Container image is privileged #978

Open almereyda opened 4 months ago

almereyda commented 4 months ago

When displaying the /boot page of my instance, it says:

grafik

System user is sane

It is good practice not to run Grist as the root user.

User appears to be root (UID 0)

It is good practice to provide unprivileged Container images, by using the USER directive. This has implications on the way in which the image is built.

Reference:

paulfitz commented 4 months ago

Thanks @almereyda. You can find some context for this in https://github.com/gristlabs/grist-core/pull/789