Update Dockerfile

[denisbabineau]

• container was failing to start, updated the process name in Dockerfile
• container process was failing to write files in mounted volumes when using -v as in the README.md example; no need to run the contained process as non-root

[jmwilkinson]

Does running as root here have any security implications?

[rentzsch]

@jmwilkinson I'm 95% sure there's no security implications to running as root inside a container. The container provides the security isolation so it can't access the host. Worst case is that the server executes malicious code that can access your private repos. But that would be the case anyway running under a non-root user since it has to be able to access the host's volume in order to vend it.

[denisbabineau]

I agree with @rentzsch. See this thread with posts covering both angles: https://forums.docker.com/t/root-user-or-non-root-user-inside-container/966/3
I would say in this case ease of use trumps ultra-paranoid security concerns. If someone is so extremely concerned, he should use his own Dockerfile, but I don't expect this would be your typical usage. For instance, Docker's own registry image runs as root as well inside the container.

[trentearl]

I dont use docker, so the best I can do is look these changes over to make sure nothing looks malicious. Thanks for this change!

Committed with: 3729c13

[lock]

This thread has been automatically locked since there has not been any recent activity after it was closed. Please open a new issue for related bugs.