Felipe Zipitría
Felipe Zipitría
Didn't forgot about this, we are kind of overwhelmed with the bugbounty program on CRS these couple of weeks.
Ok, started with something. This is the PR I have for the base docker: https://github.com/coreruleset/modsecurity-docker/pull/140. If you have any comments, please add them there! the idea is to replicate it...
So, the corresponding fix in this repo is linked now: https://github.com/coreruleset/modsecurity-crs-docker/pull/88. Now we are building on top of a specific version from the base repo. So each build will be...
Changes are live now. Can you test them and see if they work for your use case?
Hi @archletekke ! Let me take a look at this one.
I don't think you need to change the whole `/usr/local` directory to nginx... 🤔
@archletekke Can you try to following the [documentation from upstream](https://hub.docker.com/_/nginx/), the part that says "Running nginx as a non-root user", and let us know?
There might be another option: we could use https://hub.docker.com/r/nginxinc/nginx-unprivileged from upstream instead. Will check if this works out of the box for us.
This looks cool @franbuehler ! I think @bittner has a point in just creating a new one only when something is found. Do you need additional help with setting it...
@MitchellCash Can you run it again now that we have alpine images? We still need to run this in a pipeline.