benrubson opened a new pull request #469: GUACAMOLE-890: Security: Allow image to run as non-root user URL: https://github.com/apache/guacamole-client/pull/469 Hi, This solves https://issues.apache.org/jira/browse/GUACAMOLE-890, allowing Guacamole Docker image to run as non-root user. For this, we symlink the `guacamole.war` file during the build, not at run time. We also world-chmod the `temp` directory which strangely enough is not by default. Finally, we prevent application from being unpacked, as non-root user can't write to the `webapps` dir. As it's an important **security concern**, would be nice to have this in 1.1.0. Would really be glad to test a new build an confirm everything's OK. Many thanks for your support 👍
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
