Harden flag.txt and change user

Pongsakorn Sommalai · Pongsakorn Sommalai · commit 71afb107dd76 · 2020-11-24T23:28:49.000+07:00
diff --git a/Dockerfile b/Dockerfile
@@ -1,7 +1,7 @@
 FROM ubuntu:20.04
 
 RUN apt-get update && \
-    apt install -y wget build-essential sudo unzip && \
+    apt install -y wget build-essential unzip && \
     rm -rf /var/lib/apt/lists/* && \
     useradd -d /home/ctf/ -m -p ctf -s /bin/bash ctf && \ 
     echo "ctf:ctf" | chpasswd
@@ -15,8 +15,9 @@ RUN gcc chall.c -o chall -fno-stack-protector -z execstack -no-pie
 RUN wget https://github.com/joewalnes/websocketd/releases/download/v0.3.0/websocketd-0.3.0-linux_amd64.zip && \
     unzip websocketd-0.3.0-linux_amd64.zip && \
     chmod +x websocketd && \
-    chown -R root:root /home/ctf && \
     apt remove -y wget build-essential unzip && \
     apt autoremove -y
 
+USER ctf
+
 CMD ./start.sh
diff --git a/chall.sh b/chall.sh
@@ -0,0 +1,4 @@
+#!/bin/sh
+
+echo $1 > ./flag.txt
+./chall
diff --git a/start.sh b/start.sh
@@ -1,5 +1,3 @@
 #!/bin/sh
 
-echo $FLAG > ./flag.txt
-
-./websocketd --binary=true --port=$PORT ./chall
+./websocketd --binary=true --port=$PORT ./chall.sh $FLAG
