From 968950f783921db9c8714e3c4a2d5251db365f94 Mon Sep 17 00:00:00 2001
From: Craeckie <josia-login@rosskopfs.de>
Date: Thu, 22 Apr 2021 09:53:49 +0000
Subject: [PATCH] Use unprivileged user in docker

See
https://americanexpress.io/do-not-run-dockerized-applications-as-root/
and
https://engineering.bitnami.com/articles/why-non-root-containers-are-important-for-security.html
---
 Dockerfile | 1 +
 1 file changed, 1 insertion(+)

diff --git a/Dockerfile b/Dockerfile
index dc8d8de..8fd1f79 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -11,5 +11,6 @@ EXPOSE 9011
 EXPOSE 9012
 EXPOSE 9013
 COPY --from=builder /go/croc/croc /go/croc/croc-entrypoint.sh /
+USER nobody
 ENTRYPOINT ["/croc-entrypoint.sh"]
 CMD ["relay"]