Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Run as limited user (not root) #5

Open
amcclain opened this issue Mar 3, 2020 · 1 comment
Open

Run as limited user (not root) #5

amcclain opened this issue Mar 3, 2020 · 1 comment
Assignees
@amcclain

Comments

@amcclain
Copy link
Member

amcclain commented Mar 3, 2020

While running in a Docker container and using the official nginx image should have us in a reasonable state w.r.t. security, we should follow best practices and not run this container as root.

Note this might involve moving off of nginx image base (not sure - need to research) as well as swapping to an alternate port. The port remapping back to 80 or 443 can then be handled at the k8s / docker layer.

Note complimentary xh-tomcat issue here: xh/xh-tomcat#1
@amcclain amcclain assigned ghost and amcclain and unassigned ghost Mar 3, 2020
@amcclain
Copy link
Member Author

https://github.com/nginxinc/docker-nginx-unprivileged

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@amcclain amcclain

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@amcclain