diff --git a/Dockerfile b/Dockerfile
index c087dbc..72841e7 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,10 +1,9 @@
 FROM node:22-slim
 
-# Installer codex én gang ved build
+RUN useradd -ms /bin/bash dev
 RUN npm install -g @openai/codex
 
-# Sett workspace
+USER dev
 WORKDIR /workspace
 
-# Default shell
 CMD ["bash"]
diff --git a/docker-compose.yaml b/docker-compose.yaml
index 3e1ce0f..213fd20 100644
--- a/docker-compose.yaml
+++ b/docker-compose.yaml
@@ -10,6 +10,20 @@ services:
       - ./workspace:/workspace
       - codex_config:/root/.config
 
+    environment:
+      - HOME=/home/dev
+
+    tmpfs:
+      - /tmp
+
+    cap_drop:
+      - ALL
+
+    security_opt:
+      - no-new-privileges:true
+
+    network_mode: bridge
+
     command: sleep infinity
 
 volumes: