diff --git a/docker/Dockerfile b/docker/Dockerfile
index 40308809..42a2dd38 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -1,4 +1,4 @@
-FROM alpine:3.5
+FROM alpine:3.8
 
 # Enables customized options using environment variables
 ENV OSRM_BACKEND='http://localhost:5000'
@@ -12,7 +12,7 @@ RUN mkdir -p /src
 COPY package.json /src
 
 # Install app dependencies
-RUN apk add --no-cache sed nodejs && \
+RUN apk add --no-cache sed nodejs su-exec npm && \
     cd /src && \
     npm install
 
@@ -20,6 +20,10 @@ RUN apk add --no-cache sed nodejs && \
 COPY . /src
 WORKDIR /src
 
+# for dropping privileges
+RUN adduser -D osrm && \
+    chown -R osrm /src
+
 # Run App
 EXPOSE 9966
-CMD ["npm", "start"]
+CMD ["su-exec", "osrm", "npm", "start"]