From 95e7a47947a5b7b207f90164bb8d29c7118c944d Mon Sep 17 00:00:00 2001 From: Wonderfall Date: Thu, 4 Feb 2021 15:03:46 +0100 Subject: [PATCH] Update README.md --- README.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/README.md b/README.md index e150f8e..6ef8f88 100644 --- a/README.md +++ b/README.md @@ -19,6 +19,9 @@ - No **running** root processes **except on start** (reducing privileges afterwards). - Environment variables provided (see below). +### Security +As many images from the time it was first made, this image follows the principle of degrading privileges. It runs first as root to ensure permissions are set correctly and then only makes use of the UID/GID of your choice. While I agree it's not perfect (due to Linux insecurity), it seemed the best security/comfort balance at the time and it'll remain so for a while. + ### Tags - **latest** : latest stable version. - **20.0** : latest 20.0.x version (stable, recommended)