starred/cloudbeaver
1
0
Fork 0
mirror of https://github.com/dbeaver/cloudbeaver.git synced 2026-04-25 05:36:14 +03:00
Code Issues 212 Projects Releases Packages Wiki Activity

[GH-ISSUE #2290] [Security] Run Cloudbeaver as non-root by default (to be less vulnerable) #727

New issue
Open
opened 2026-03-07 20:53:49 +03:00 by kerem · 0 comments
kerem commented 2026-03-07 20:53:49 +03:00
Owner
Copy link

Originally created by @luarx on GitHub (Jan 10, 2024).
Original GitHub issue: https://github.com/dbeaver/cloudbeaver/issues/2290

Is your feature request related to a problem? Please describe.
It would be a good point to run Cloudbeaver with a non-root user to follow best security practises
Reference of why this is important: https://docs.bitnami.com/tutorials/why-non-root-containers-are-important-for-security

Describe the solution you'd like
To do that, it should define a USER in the Dockerfile

I see that someone mentioned already this and suggested a solution, but it was not added to the repo as default

Originally created by @luarx on GitHub (Jan 10, 2024). Original GitHub issue: https://github.com/dbeaver/cloudbeaver/issues/2290 **Is your feature request related to a problem? Please describe.** It would be a good point to **run Cloudbeaver with a non-root user to follow best security practises** Reference of why this is important: https://docs.bitnami.com/tutorials/why-non-root-containers-are-important-for-security **Describe the solution you'd like** To do that, it should define a USER in the [Dockerfile](https://github.com/dbeaver/cloudbeaver/blob/devel/deploy/docker/Dockerfile) I see that s[omeone mentioned already this](https://github.com/dbeaver/cloudbeaver/issues/349) and suggested a solution, but it was not added to the repo as default
Sign in to join this conversation.
No Branch/Tag specified
Branches Tags
devel
dbeaver/cloudbeaver#4120-support-token-header
dbeaver/pro#8978-advanced-paste
dbeaver/pro#5680-add-generation-rest-api-for-te
8961-cb-checkboxes-are-not-clickable-in-main-toolbar-dropdown-menu
dbeaver/pro#9047-cb-explain-execution-plan-ai
8328-cb-sql-query-generation-add-settings-for-the-generated-sql-window
8473-ai-confirmation
8107-cb-increase-the-contrast-of-some-elements
dbeaver/cloudbeaver#4249-session-id-rotation
dbeaver/pro#8234-udbt-only-for-admins
dbeaver/pro#9061-NPE-on-starting-RM-and-QM-applications
dbeaver/pro#8707-remove-folder-feature
dbeaver/pro#8766-migrate-to-junit5
dbeaver/pro#8711-sql-executation-plan-improvments
9048-cb-deadlock
release_26_0_3
dbeaver/pro#8044-add-api-for-database-user-preference
8839-entraid-not-working-from-within-myappsmicrosoftcom
8559-te-launch-redesign
8670-cb-multi-paste-support-in-data-editor-3
8943-cb-bump-npm-dependencies
dbeaver/pro#8655-cb-ai-functions-support
dbeaver/pro#8746-oauth
dbeaver/pro#8824-Unify-file-lock-handling-for-local-and-shared-fs
7912-db-oauth-in-te
dbeaver/pro#4158-tree-advanced-filter
dbeaver/dbeaver-devops#1604-non-root-user-25-2
dbeaver/pro#5124-fix-case-insensetive-username-in-import
3815-ctrl-z-is-unstable-lib-523-version
8894-ai-assistant-cache
dbeaver/pro#8896-Remove-added-h2_server_v3
release_26_0_2
dbeaver/pro#8392-Add-H2-driver-with-the-newest-version
8065-lsp-front-end
release_26_0_1
dbeaver/pro#7844-cb-lsp-server
dbeaver/pro#7530-csp-protection
release_26_0_0
release_25_3_5
release_25_3_4
release_25_3_3
7953-cb-ability-to-pin-rows-in-the-data-editor
devops-2221-base-java-repo
7923-cb-ws-events-are-misconfigured
release_25_3_2
release_25_3_1
release_25_3_0
release_25_2_5
dbeaver/pro#5267/auth-providers-refactoring
dbeaver/pro#6364-add-option-to-set-default-view-for-project
release_25_2_4
dbeaver/pro#5476-task-scheduler-refactor
release_25_2_3
7128-remove-deprecated-api
release_25_2_0
release_25_2_1
release_25_2_2
4569-cb-3681-use-something-better-than-md5-hash-to-pass-local-user-passwords
dbeaver/dbeaver-devops#1604-non-root-user-without-user-in-image
dbeaver/pro#6976-logging-poc
dbeaver/pro#6324-cursor-sync
dbeaver/pro#5630-add-cache-for-queries
dbeaver/pro#5574/fix/multi-query-vqb
dbeaver/pro#5802/feat/table-api
5664-cb-vscode-value-panel-support-text-format
CB-6291-build-local-script-do-not-clone-all-required-repos-for-successful-build
4288-core-fix-critical-cve-2022-0839-and-cve-2022-0839-in-liquibase-bundle
3944-model-data
4207-core-duplicate-cb-session-id-in-dc-side
chore/update-vite-assets-plugin
25.1.5
25.1.4
25.1.3
25.1.2
25.1.1
25.1.0
25.0.5
25.0.4
25.0.3
25.0.2
25.0.1
25.0.0
24.3.5
24.3.4
24.3.3
24.3.2
24.3.0
24.3.1
24.2.5
24.2.4
24.2.3
24.2.2
24.2.1
24.2.0
24.1.5
24.1.4
24.1.3
24.1.2
24.1.0
24.1.1
24.0.5
24.0.4
24.0.3
24.0.2
24.0.1
24.0.0
23.3.5
23.3.4
23.3.3
23.3.2
23.3.1
23.3.0
23.2.5
23.2.4
23.2.3
23.2.2
23.2.1
23.2.0
23.1.5
23.1.4
23.1.3
23.1.2
23.1.1
v23.1.0
v23_0_5
21.3.3
21.2.4
1.2.0
1.1.0
1.0.4
1.0.3
1.0.1b
1.0.2
1.0.1
1.0.0
Labels
Clear labels   
AS

   
can't reproduce

   
can't reproduce

   
deployment

   
development

   
documentation

   
duplicate

   
duplicate

   
ee

   
enhancement

   
external

   
new driver

   
performance

   
pull-request

Mirrored from GitHub Pull Request

  
third party issue

   
wait for response

   
wait for review

   
wontfix

   
x:Oracle

   
x:cassandra

   
x:clickhouse

   
x:db2

   
x:duckdb

   
x:greenplum

   
x:h2

   
x:h2gis

   
x:hana

   
x:hive

   
x:intersystems

   
x:kyuubi

   
x:maria

   
x:mongo

   
x:mysql

   
x:postgresql

   
x:presto

   
x:sql server

   
x:sqlite

   
x:teradata

   
x:trino

   
xf:accessibility

   
xf:administration

   
xf:ai

   
xf:authentication

   
xf:aws

   
xf:commit-mode

   
xf:connection

   
xf:dark theme

   
xf:data editor

   
xf:datatransfer

   
xf:dba

   
xf:driver management

   
xf:erd

   
xf:filters

   
xf:i18n

   
xf:i18n

   
xf:installer

   
xf:json

   
xf:kerberos

   
xf:ldap

   
xf:local config

   
xf:log viewer

   
xf:metadata

   
xf:metadata editor

   
xf:navigator

   
xf:okta

   
xf:query manager

   
xf:resource manager

   
xf:scripts

   
xf:sql editor

   
xf:tasks

   
xf:ui/uix

   
xo: Firefox

   
xo:eclipse

   
xo:internet explorer

   
xo:macos

   
xp:major

   
xrn:internal
No labels
AS
can't reproduce
can't reproduce
deployment
development
documentation
duplicate
duplicate
ee
enhancement
external
new driver
performance
pull-request
third party issue
wait for response
wait for review
wontfix
x:Oracle
x:cassandra
x:clickhouse
x:db2
x:duckdb
x:greenplum
x:h2
x:h2gis
x:hana
x:hive
x:intersystems
x:kyuubi
x:maria
x:mongo
x:mysql
x:postgresql
x:presto
x:sql server
x:sqlite
x:teradata
x:trino
xf:accessibility
xf:administration
xf:ai
xf:authentication
xf:aws
xf:commit-mode
xf:connection
xf:dark theme
xf:data editor
xf:datatransfer
xf:dba
xf:driver management
xf:erd
xf:filters
xf:i18n
xf:i18n
xf:installer
xf:json
xf:kerberos
xf:ldap
xf:local config
xf:log viewer
xf:metadata
xf:metadata editor
xf:navigator
xf:okta
xf:query manager
xf:resource manager
xf:scripts
xf:sql editor
xf:tasks
xf:ui/uix
xo: Firefox
xo:eclipse
xo:internet explorer
xo:macos
xp:major
xrn:internal
Milestone
Clear milestone
No items
No milestone
Projects
Clear projects
No items
No project
Assignees
Clear assignees
No assignees
1 participant
Notifications
Due date
The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference
starred/cloudbeaver#727
No description provided.