[
https://issues.apache.org/jira/browse/GUACAMOLE-890?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=17026039#comment-17026039
]
Jotam commented on GUACAMOLE-890:
---------------------------------
chmoding /usr/local/tomcat/webapps/ of my local guacamole image does the trick,
java properly starts as 65534:65534 user.
So I think we are not so far from a proper fix ;) (y)
> Guacamole/Guacd Docker Process Privilege Drop
> ---------------------------------------------
>
> Key: GUACAMOLE-890
> URL: https://issues.apache.org/jira/browse/GUACAMOLE-890
> Project: Guacamole
> Issue Type: Improvement
> Components: guacamole-docker
> Reporter: Anthony Boccia
> Priority: Minor
> Labels: docker, security
>
> Hello,
> I noticed after deploying Guacamole in docker that the processes all run as
> the root user. Are there any plans to add support for specifying a user for
> the processes to drop privs to and run as instead of root? I am currently
> doing this rebuilding the containers for guacamole and guacd adding in my own
> user and using docker compose to exec all processes triggered within the
> container as that user. I feel like the option to specify this should be done
> upstream.
> Thank You
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
