This PR improves on the Sandboxing feature by removing the need to extend the original image and using docker's --user option instead.
Additionally, if the original image is already running as a non-root user, Tork will respect that and not attempt to run the container as another user. Otherwise, Tork will set the UID and GID to 1000.
This PR improves on the Sandboxing feature by removing the need to extend the original image and using docker's --user option instead.
Additionally, if the original image is already running as a non-root user, Tork will respect that and not attempt to run the container as another user. Otherwise, Tork will set the
UID
andGID
to1000
.