Shouldn't be running node as root?

[NodeGuy]

Apologies if this is a FAQ, my Google-fu didn't turn up any answers.

Isn't it a bad idea that we're running node as the root user by default? I'm currently crafting Dockerfiles for my company's products and am curious about what the best practice is for this issue.

[rmustacc]

Does #1 answer your question?

[NodeGuy]

Not really, but thank you for linking to it.

Docker's Best practices for writing Dockerfiles reads, "If a service can run without privileges, use USER to change to a non-root user." I think we should do that it.

I opted to create my own version of the -onbuild Dockerfile:

FROM node:0.10

# Copy steps from -onbuild because we don't want to run as root.

ENV user node
RUN groupadd --system $user && useradd --system --create-home --gid $user $user

COPY . /home/$user/
WORKDIR /home/$user
RUN chown $user --recursive .
USER $user
RUN npm install

CMD [ "npm", "start" ]

[chorrell]

There's an ongoing discussion about this in #1

For now, creating your own Dockerfile is the way to role if you're concerned about running things as root.

[chorrell]

Closing as a dupe of #1