Add comment about user of chroot for privilege de-escalation

Dimitrios Liappis · Dimitrios Liappis · commit 9e3d43d20cbb · 2017-10-11T15:04:10.000+03:00
Addresses #125 (comment)
diff --git a/build/elasticsearch/bin/docker-entrypoint.sh b/build/elasticsearch/bin/docker-entrypoint.sh
@@ -28,6 +28,7 @@ run_as_other_user_if_needed() {
 # or simply to run /bin/bash to check the image
 if [[ "$1" != "eswrapper" ]]; then
     if [[ "$(id -u)" == "0" ]] && [[ "$1" == *elasticsearch* ]]; then
+        # Use chroot to switch to UID 1000
         exec chroot --userspec=1000 / "$@"
     else
         exec "$@"
