docker: don't run executable as root (#378)

Bixilon · Bios-Marcel · web-flow · commit ba9a13d9c4df · 2025-09-19T15:36:51.000+02:00
The image now runs with user and group 248, which is just a random number, no user or group with that ID exist by default.

---------

Co-authored-by: The King of Half-Baked Projects &lt;marcelschr@protonmail.com&gt;
diff --git a/fly.Dockerfile b/fly.Dockerfile
@@ -36,3 +36,5 @@ COPY --from=builder /app/scribblers /scribblers
 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 
 ENTRYPOINT ["/scribblers"]
+# Random uid to avoid having root privileges. Linux doesn't care that there's no user for it.
+USER 248:248
diff --git a/linux.Dockerfile b/linux.Dockerfile
@@ -33,3 +33,5 @@ COPY --from=builder /app/scribblers /scribblers
 COPY --from=builder /etc/ssl/certs/ca-certificates.crt /etc/ssl/certs/
 
 ENTRYPOINT ["/scribblers"]
+# Random uid to avoid having root privileges. Linux doesn't care that there's no user for it.
+USER 248:248
