Dockerfile: use non-privileged user account (#16052)

fgimenez · fjl · commit 50dbe8e2444c · 2018-04-05T14:14:32.000+02:00
diff --git a/Dockerfile b/Dockerfile
@@ -12,5 +12,11 @@ FROM alpine:latest
 RUN apk add --no-cache ca-certificates
 COPY --from=builder /go-ethereum/build/bin/geth /usr/local/bin/
 
+RUN addgroup -g 1000 geth && \
+    adduser -h /root -D -u 1000 -G geth geth && \
+    chown geth:geth /root
+
+USER geth
+
 EXPOSE 8545 8546 30303 30303/udp 30304/udp
 ENTRYPOINT ["geth"]
diff --git a/Dockerfile.alltools b/Dockerfile.alltools
@@ -12,4 +12,10 @@ FROM alpine:latest
 RUN apk add --no-cache ca-certificates
 COPY --from=builder /go-ethereum/build/bin/* /usr/local/bin/
 
+RUN addgroup -g 1000 geth && \
+    adduser -h /root -D -u 1000 -G geth geth \
+    chown geth:geth /root
+
+USER geth
+
 EXPOSE 8545 8546 30303 30303/udp 30304/udp
