Updated base image. Removed all suid & sgid bits from image. Drop root privileges by default.

2025-10-30 21:15:27 +01:00 · 2023-03-23 23:43:52 -04:00
parent cc9e4fbc4a
commit cbb7d43006
1 changed files with 11 additions and 3 deletions
--- a/14
+++ b/14
@@ -1,10 +1,18 @@
-FROM python:3.9-slim
+FROM python:3-slim
 WORKDIR /
 # Remove suid & sgid bits from all files.
 RUN find / -xdev -perm /6000 -exec chmod ug-s {} \; 2> /dev/null || true
 # Copy the ssh-audit code.
 COPY ssh-audit.py .
 COPY src/ .
-ENTRYPOINT ["python3", "/ssh-audit.py"]
+# Allow listening on 2222/tcp for client auditing.
 EXPOSE 2222
 # Drop root privileges.
 USER nobody:nogroup
 ENTRYPOINT ["python3", "/ssh-audit.py"]