diff --git a/Dockerfile b/Dockerfile
index 357f63b..c358daa 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,10 +1,18 @@
-FROM python:3.9-slim
+FROM python:3-slim
 
 WORKDIR /
 
+# Remove suid & sgid bits from all files.
+RUN find / -xdev -perm /6000 -exec chmod ug-s {} \; 2> /dev/null || true
+
+# Copy the ssh-audit code.
 COPY ssh-audit.py .
 COPY src/ .
 
-ENTRYPOINT ["python3", "/ssh-audit.py"]
-
+# Allow listening on 2222/tcp for client auditing.
 EXPOSE 2222
+
+# Drop root privileges.
+USER nobody:nogroup
+
+ENTRYPOINT ["python3", "/ssh-audit.py"]