diff --git a/Dockerfile b/Dockerfile
index 39348d8..1ef47de 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -33,5 +33,18 @@ ENV PROXY_SECRET=change_me
 WORKDIR ${WORKDIR_PATH}/config
 
 CMD \
+    # Create and switch to user with desired UID and GID.
+    # All processes that create/change files in ${DATA_PATH}
+    # must be run under this user.
+    groupadd -g ${GID} worker && \
+    useradd -M -g ${GID} -u ${UID} worker && \
+    chmod -R o-rwx ${WORKDIR_PATH} && \
+
+    # Add proxy secret
     sed -i "s/_PROXY_SECRET_/${PROXY_SECRET}/g" settings.yml && \
-    java -Xms${MEMORY} -Xmx${MEMORY} -jar *.jar --nogui
+
+    # Change UID and GID of used files to desired values.
+    chown -R worker:worker ${WORKDIR_PATH} && \
+
+    # Launch
+    su worker -c "java -Xms${MEMORY} -Xmx${MEMORY} -jar *.jar --nogui"