From 0b92a57f77cf9d95303182131d9dbcda861f7d08 Mon Sep 17 00:00:00 2001
From: Nanne Baars <nanne.baars@owasp.org>
Date: Wed, 26 Jul 2017 05:06:40 +0200
Subject: [PATCH] WebGoat no longer runs as root in the Docker container.

---
 webgoat-server/src/main/docker/Dockerfile | 12 +++++++-----
 1 file changed, 7 insertions(+), 5 deletions(-)

diff --git a/webgoat-server/src/main/docker/Dockerfile b/webgoat-server/src/main/docker/Dockerfile
index 255e71064..debc223cb 100644
--- a/webgoat-server/src/main/docker/Dockerfile
+++ b/webgoat-server/src/main/docker/Dockerfile
@@ -1,6 +1,8 @@
 FROM openjdk:8-jre
-VOLUME /tmp
-RUN cd /root; mkdir -p .webgoat
-ADD webgoat-server-8.0-SNAPSHOT.jar webgoat.jar
-RUN sh -c 'touch /webgoat.jar'
-ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/webgoat.jar"]
\ No newline at end of file
+
+RUN useradd --home-dir /home/webgoat --create-home -U webgoat
+
+USER webgoat
+RUN cd /home/webgoat/; mkdir -p .webgoat
+COPY webgoat-server-8.0-SNAPSHOT.jar /home/webgoat/webgoat.jar
+ENTRYPOINT ["java","-Djava.security.egd=file:/dev/./urandom","-jar","/home/webgoat/webgoat.jar"]
\ No newline at end of file