0
0
Fork 0
mirror of https://codeberg.org/forgejo/docs.git synced 2024-11-28 18:42:51 -05:00

Incorporate feedback

Co-authored-by: Earl Warren <contact@earl-warren.org>
This commit is contained in:
Rik Huijzer 2024-03-08 07:24:05 +01:00
parent 1288f10550
commit 7a66846f4a

View file

@ -70,7 +70,7 @@ ENABLE_PUSH_CREATE_USER = true
## Rootless ## Rootless
Forgejo also supports a rootless Docker image. Forgejo also supports a rootless Docker image.
With this image, the Docker container can run as an unprivileged user, which means that an attacker will not have root privileges on the server even when they break out of the container. With this image, the Docker container can run as an unprivileged user, which means that an attacker will not have root privileges on the server even when they gain access to the container.
This configuration is slightly more involved because we need to prepare our data folders. This configuration is slightly more involved because we need to prepare our data folders.
To do so, we create a `data` folder with permissions for the user with `UID` and `GID` 1000. To do so, we create a `data` folder with permissions for the user with `UID` and `GID` 1000.