HIGH: Backend Docker Container Runs as Root, Amplifying RCE Risk

A critical security oversight in the backend Dockerfile leaves the application running as the root user inside its container. This configuration significantly amplifies the impact of any potential Remote Code Execution (RCE) vulnerability, granting an attacker full system-level privileges within the container environment. The absence of a USER directive means the process defaults to the highest privilege level, creating an unnecessary and dangerous attack surface.

The issue is isolated to the `Dockerfile.backend`. The current code lacks any mechanism to drop privileges, meaning the application and all its processes operate with unrestricted root access. The expected fix is to create a dedicated, non-privileged user account within the container image. This involves adding commands to create a system group and user (e.g., 'app') and then explicitly switching to that user with the `USER` directive before the application starts.

Failure to implement this fix leaves the entire backend service exposed to privilege escalation. If an attacker exploits another vulnerability to gain a foothold, they would immediately have root control over the container, enabling them to install malware, exfiltrate data, or pivot to other systems. The fix must also ensure correct file permissions for uploads and data directories, and verify that health checks continue to function after the privilege drop. This is a foundational security hardening step that is currently missing.