[ https://issues.apache.org/jira/browse/GUACAMOLE-890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17026039#comment-17026039 ]
Jotam commented on GUACAMOLE-890: --------------------------------- chmoding /usr/local/tomcat/webapps/ of my local guacamole image does the trick, java properly starts as 65534:65534 user. So I think we are not so far from a proper fix ;) (y) > Guacamole/Guacd Docker Process Privilege Drop > --------------------------------------------- > > Key: GUACAMOLE-890 > URL: https://issues.apache.org/jira/browse/GUACAMOLE-890 > Project: Guacamole > Issue Type: Improvement > Components: guacamole-docker > Reporter: Anthony Boccia > Priority: Minor > Labels: docker, security > > Hello, > I noticed after deploying Guacamole in docker that the processes all run as > the root user. Are there any plans to add support for specifying a user for > the processes to drop privs to and run as instead of root? I am currently > doing this rebuilding the containers for guacamole and guacd adding in my own > user and using docker compose to exec all processes triggered within the > container as that user. I feel like the option to specify this should be done > upstream. > Thank You -- This message was sent by Atlassian Jira (v8.3.4#803005)