feat: update Dockerfile to adjust permissions for Python binaries and restrict access to certain files

--bug=1057357 --user=刘瑞斌 【工具】工具执行沙箱的权限没有做限制 https://www.tapd.cn/62980211/s/1717636

Author: liuruibin

installer/Dockerfile

@@ -77,7 +77,8 @@ RUN chmod 755 /opt/maxkb-app/installer/*.sh && \
     useradd --no-create-home --home /opt/maxkb-app/sandbox sandbox -g root && \
     chown -R sandbox:root /opt/maxkb-app/sandbox && \
     chmod g-x /usr/local/bin/* /usr/bin/* /bin/* /usr/sbin/* /sbin/* /usr/lib/postgresql/17/bin/* && \
-    chmod g+x /usr/local/bin/python*
+    chmod g+x /usr/local/bin/python* && \
+    find /etc/ -type f ! -path '/etc/resolv.conf' ! -path '/etc/hosts' | xargs chmod g-rx
 
 EXPOSE 8080
 VOLUME /opt/maxkb