diff --git a/Dockerfile b/Dockerfile
index eda84cc73..b0828f730 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -5,6 +5,9 @@ LABEL COMMIT_HASH ${COMMIT_HASH}
 ENV COMMIT_HASH ${COMMIT_HASH}
 
 RUN apt-get update && apt-get upgrade -y && rm -rf /var/lib/apt/lists/*
+RUN groupadd -r cqfruler && useradd -r -g cqfruler cqfruler
+USER cqfruler
+WORKDIR /home/cqfruler
 
 RUN mkdir server
 RUN mkdir plugin
diff --git a/README.md b/README.md
index ecfc6f5af..604563a50 100644
--- a/README.md
+++ b/README.md
@@ -28,8 +28,8 @@ The public sandbox is not persistent, has no authentication, and is regularly re
 
 ### Docker
 
-The easiest way to get started with the cqf-ruler is to pull and run the docker image
-
+The easiest way to get started with the cqf-ruler is to pull and run the docker image.
+For avoiding to run docker container by default root user permission, the container from this image will run with a user named `cqfruler`
 ```bash
 docker pull alphora/cqf-ruler
 docker run -p 8080:8080 alphora/cqf-ruler