Docker container should'nt run as root

[menardorama]

As a security measure, the Dockerfile should have a USER directive in order to run using a non privileged user account.

Can you add it ?

[GitJamz]

This is absolutely true.. Please can we have this feature added as soon as possible!

[ebuzzz]

The container starts up exim (the actual SMTP agent) and that process drops root privileges. I guess the only way to fix this would be to add a new user (apart from Debian-exim) to the image, and chmod all files that exim needs at the startup. I've checked other images that use Exim4, but none of them seem to use this practice. Which leads me to suspect that there is an issue with my thought.

[laimison]

Anyone modified it to avoid root account? If so, can you send what you did in a Dockerfile? If privileged port is the problem, maybe setcap can be used or converting the custom port inside the container to 25 outside of container.

[laimison]

Here is the rootless Dockerfile that could be merged into this solution https://github.com/industrieco/docker-exim-relay

[guidoffm]

Here is the rootless Dockerfile that could be merged into this solution https://github.com/industrieco/docker-exim-relay

The link gives 404 now.

[katuka2]

@laimison, this link is giving 404 now
https://github.com/industrieco/docker-exim-relay