We ought to tighten up a bit the settings of the docker image used for slack-irc as it's not setting the USER field, so it's effectively as if it were running as root.
The image is running on a dedicated instance which doesn't have any sensitive data on it, so the impact is pretty low, yet we still ought to fix it.
This was identified as part of a security audit with the info level of severity (OON-01-011 WP7).
We ought to tighten up a bit the settings of the docker image used for slack-irc as it's not setting the
USER
field, so it's effectively as if it were running as root.The image is running on a dedicated instance which doesn't have any sensitive data on it, so the impact is pretty low, yet we still ought to fix it.
This was identified as part of a security audit with the info level of severity (
OON-01-011 WP7
).