Crafty Docker Security Issue
Quick Information
- Operating System: Linux
- Install Type: Docker
What Happened?
Tried to create docker container using a specific user ID with run command options so that I can secure my filesystem
-e PUID=1009
-e PGID=1009
also tried
-u 1009:1009
I gave the user and group with ID 1009 rwx permissions to the mounts I am passing through to crafty but I got permissions errors in the crafty docker container log until I gave UID 1000 (Crafty User inside of the docker) Read Write and Execute permissions on the mounted folders.
Expected result
Expected the container to run all processes with UID and GID 1009 so that I can lock down permissions to just the folders crafty needs.
Steps to reproduce
Using POSIX ACLs, grant user ID 1009 and group ID 1009 RWX permissions to the folder containing Crafty files.
Run the docker command
docker run -d \
  --name Crafty-4 \
  --network docker-dirty \
  --ip 192.168.6.21 \
  -e TZ=America/Los_Angeles \
  -e PUID=1009 \
  -e PGID=1009 \
  -v /mnt/Apps/crafty-4/backups:/crafty/backups \
  -v /mnt/Apps/crafty-4/config:/crafty/app/config \
  -v /mnt/Apps/crafty-4/import:/crafty/import \
  -v /mnt/Apps/crafty-4/logs:/crafty/logs \
  -v /mnt/Apps/crafty-4/servers:/crafty/servers \
  -p 8443:8443 \
  -p 25500-25600:25500-25600 \
  -p 8123:8123 \
  --restart unless-stopped \
  arcadiatechnology/crafty-4
Observe the log file to see permissions error.
Priority/Severity
- High (anything that impacts the normal user flow or blocks app usage)
- Medium (anything that negatively affects the user experience)
- Low (anything else e.g., typos, missing icons/translations, layout/formatting issues, etc.)
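
The symptom reported above, where the ACL grant for 1009 has no effect while processes inside the container still run as UID 1000, can be checked with the following added example (not part of the original report or of Crafty's code), which evaluates `getfacl -n` output for a given UID and GID. The sample ACL is constructed, and `sample_acl` and `acl_effective` are hypothetical helper names.

```shell
# Constructed sample: `getfacl -n` output for one Crafty mount after the ACL grant.
sample_acl() {
cat <<'EOF'
# file: mnt/Apps/crafty-4/servers
# owner: 0
# group: 0
user::rwx
user:1009:rwx
group::r-x
group:1009:rwx
mask::rwx
other::---
EOF
}
# acl_effective UID GID: read `getfacl -n` output on stdin, print the rwx string POSIX
# ACL evaluation gives that UID/primary GID (group entries unioned, a simplification).
acl_effective() {
  awk -F: -v uid="$1" -v gid="$2" '
    function comb(a, b, op,   i, x, y, out) {   # op "and" intersects, else union
      out = ""
      for (i = 1; i <= 3; i++) {
        x = substr(a, i, 1); if (x == "") x = "-"
        y = substr(b, i, 1); if (y == "") y = "-"
        if (op == "and") out = out ((x != "-" && y != "-") ? x : "-")
        else             out = out ((x != "-") ? x : y)
      }
      return out
    }
    /^# owner:/ { owner = $2; gsub(/[ \t]/, "", owner); next }
    /^# group:/ { ogrp = $2; gsub(/[ \t]/, "", ogrp); next }
    /^#/ || NF < 3 { next }
    { perm = substr($3, 1, 3) }                  # drop any "#effective" suffix
    $1 == "user"  && $2 == "" { uobj = perm }
    $1 == "user"  && $2 != "" && $2 == uid { named = perm; hasnamed = 1 }
    $1 == "group" && ($2 == gid || ($2 == "" && ogrp == gid)) { ingrp = 1; grp = comb(grp, perm, "or") }
    $1 == "mask"  { mask = perm }
    $1 == "other" { oth = perm }
    END {
      if (mask == "") mask = "rwx"               # a minimal ACL has no mask entry
      if (uid == owner)  print uobj
      else if (hasnamed) print comb(named, mask, "and")
      else if (ingrp)    print comb(grp, mask, "and")
      else               print oth
    }'
}

# Live use (not run here): getfacl -n /mnt/Apps/crafty-4/servers | acl_effective 1000 1000
echo "UID 1009 (intended):        $(sample_acl | acl_effective 1009 1009)"
echo "UID 1000 (in-container user): $(sample_acl | acl_effective 1000 1000)"
```

Comparing the UID reported by `docker exec Crafty-4 id -u` against this result shows whether the container honoured the requested ID or fell back to its built-in user.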