[https://snyk.io/blog/10-docker-image-security-best-practices/](https://snyk.io/blog/10-docker-image-security-best-practices/)
Answers to your questions
[https://snyk.io/blog/10-docker-image-security-best-practices/](https://snyk.io/blog/10-docker-image-security-best-practices/)
Make sure you add to `.dockerignore` a line item to ignore `.dockerignore` too.
Hi,
Regarding the second paragraph about root users..
Does it mean that the instructions of creating directory or files (even for files that is generated by a command) of the dockerfile are **always** owned by **root**, and we only need to change the ownership at the end?
Do I understood correctly?