mjml-server icon indicating copy to clipboard operation
mjml-server copied to clipboard

Published 20 hours ago verified publisher icon adrianrudnik

Runs as root by default

Open nigel-gott opened this issue 4 years ago • 2 comments

Hi, currently I believe mjml-server's image runs as root by default which is not desirable. The base image (node) used has a page with best practices showing how instead it could run as the node user which is more secure: https://github.com/nodejs/docker-node/blob/main/docs/BestPractices.md#non-root-user What do you think about making this change in mjml-server also?

nigel-gott avatar Apr 12 '21 12:04 nigel-gott

Hi there, yes I want to move it to a non-root user soon, through it will introduce a BC break because the default listening port will change from 80 to 8080 as I can no longer use the privileged port.

adrianrudnik avatar Apr 12 '21 13:04 adrianrudnik

If anyone comes across this, here are the basic modifications needed to run as non-root https://github.com/DigitalGrads/mjml-server/commit/1c33bc7ca32de70a879ec688b0f8272f25629bda (listens on port 8080)

I won't submit a pull request because as @adrianrudnik states, it's a breaking change.

P.S. Thanks for making this Docker image.

mmulqueen avatar Mar 09 '22 16:03 mmulqueen