Commit 0087d66
committed
Use setpriv instead of gosu for dropping privileges in the entrypoint (redis#435)
* Use setpriv instead of gosu to drop privileges
Changes:
setpriv is used instead of gosu with the following flags:
* Set reuid and regid to redis user and group
* Clear all supplementary groups
* Set bouding capabilities to an empty list
* Enable no-new-privs bit
* Set securebit to exclude regaining capabilities1 parent aaeac6d commit 0087d66
File tree
4 files changed
+52
-75
lines changed- alpine
- debian
4 files changed
+52
-75
lines changedSome generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
Some generated files are not rendered by default. Learn more about customizing how changed files appear on GitHub.
0 commit comments