From d8f21188266a183e2ed89465381570f70b12b902 Mon Sep 17 00:00:00 2001
From: Bengt Giger <bgiger@ethz.ch>
Date: Mon, 14 Dec 2020 07:59:50 +0100
Subject: [PATCH] Run application as unprivileged user

---
 docker/demo/Dockerfile | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/docker/demo/Dockerfile b/docker/demo/Dockerfile
index 3563a3fd..b65fbb08 100644
--- a/docker/demo/Dockerfile
+++ b/docker/demo/Dockerfile
@@ -8,6 +8,9 @@ ENV SERVER_PWD=somePW
 COPY seb-server-$SEBSERVER_JAR.jar /sebserver/seb-server-$SEBSERVER_JAR.jar
 COPY docker/demo/config/ /sebserver/config/
 
+RUN addgroup -S spring && adduser -S spring -G spring
+USER spring:spring
+
 WORKDIR /sebserver
 
 CMD exec java \