-
Notifications
You must be signed in to change notification settings - Fork 2k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Shouldn't be running node as root? #6
Comments
Does #1 answer your question? |
Not really, but thank you for linking to it. Docker's Best practices for writing Dockerfiles reads, "If a service can run without privileges, use USER to change to a non-root user." I think we should do that it. I opted to create my own version of the FROM node:0.10
# Copy steps from -onbuild because we don't want to run as root.
ENV user node
RUN groupadd --system $user && useradd --system --create-home --gid $user $user
COPY . /home/$user/
WORKDIR /home/$user
RUN chown $user --recursive .
USER $user
RUN npm install
CMD [ "npm", "start" ] |
There's an ongoing discussion about this in #1 For now, creating your own Dockerfile is the way to role if you're concerned about running things as root. |
Closing as a dupe of #1 |
Apologies if this is a FAQ, my Google-fu didn't turn up any answers.
Isn't it a bad idea that we're running node as the root user by default? I'm currently crafting Dockerfiles for my company's products and am curious about what the best practice is for this issue.
The text was updated successfully, but these errors were encountered: