diff --git a/Dockerfile b/Dockerfile
index 4ba426e7..5767772c 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -1,51 +1,46 @@
+#FROM mcr.microsoft.com/dotnet/sdk:9.0 AS build
 FROM ubuntu:20.04
 
+#install .net
 RUN apt-get update && apt-get install -y wget apt-transport-https && \
     wget https://packages.microsoft.com/config/ubuntu/20.04/packages-microsoft-prod.deb && \
     dpkg -i packages-microsoft-prod.deb && \
     apt-get update && apt-get install -y dotnet-sdk-9.0
 
-
+# Install system dependencies
 RUN set -xe \
     && DEBIAN_FRONTEND=noninteractive apt-get update -y \
-	&& apt-get install -y libfontconfig libdbus-1-3 libx11-6 libx11-xcb-dev cppcheck htop \
-	    python3 python3-distutils gcc g++ make nuget libgit2-dev libssl-dev git \
+    && apt-get install -y libfontconfig libdbus-1-3 libx11-6 libx11-xcb-dev cppcheck htop \
+        python3 python3-distutils gcc g++ make nuget libgit2-dev libssl-dev curl wget git unzip zip \
     && rm -rf /var/lib/apt/lists/* \
     && apt-get purge --auto-remove \
     && apt-get clean 
 
-# this SHELL command is needed to allow using source
-SHELL ["/bin/bash", "-c"]  
-# Install dependencies for scala backend
-RUN apt-get update -y \
-	&& apt-get install -y curl wget unzip zip \	
-	&& curl -s "https://get.sdkman.io" | bash \
-	&& chmod a+x "$HOME/.sdkman/bin/sdkman-init.sh" \
- 	&& source "$HOME/.sdkman/bin/sdkman-init.sh" \	
-	&& sdk install java 17.0.9-oracle \				
-	&& sdk install scala 3.3.0 \					
-	&& sdk install sbt 1.9.0
-
-# Install GNAT AND SPARK from AdaCore
-WORKDIR /gnat_tmp/
+# Create a non-root user
+RUN adduser --disabled-password --gecos '' --uid 1000 myuser
 
-# The ADD instruction will always download the file and the cache will be invalidated if the checksum of the file no longer matches
-# On the other hand, the RUN instruction will not invalidate the cache unless its text changes. 
-# So if the remote file is updated, you won't get it. Docker will use the cached layer.
-# In our case, the gnat-2021-20210519-x86_64-linux-bin will not change. So, it is preferable to ADD
-#ADD https://community.download.adacore.com/v1/f3a99d283f7b3d07293b2e1d07de00e31e332325?filename=gnat-2021-20210519-x86_64-linux-bin  ./gnat-2021-20210519-x86_64-linux-bin
-
-RUN wget -O gnat-2021-20210519-x86_64-linux-bin https://community.download.adacore.com/v1/f3a99d283f7b3d07293b2e1d07de00e31e332325?filename=gnat-2021-20210519-x86_64-linux-bin \
-	&& git clone https://github.com/AdaCore/gnat_community_install_script.git \
-	&& chmod +x gnat_community_install_script/install_package.sh \
-	&& chmod +x gnat-2021-20210519-x86_64-linux-bin \
-	&& gnat_community_install_script/install_package.sh ./gnat-2021-20210519-x86_64-linux-bin /opt/GNAT/gnat-x86-2021 \
-	&& cd \
-	&& rm -rf /gnat_tmp/ \
-	&& sed -i 's/# alias l=/alias l=/' ~/.bashrc \
-	&& sed -i 's/# export LS_OPTIONS/export LS_OPTIONS/' ~/.bashrc
+# Adjust permissions for volumes
+RUN mkdir -p /workdir /app && chown -R myuser:myuser /workdir /app
 
-WORKDIR /app/
+# Switch to the non-root user
+USER myuser
 
+# Install SDKMAN
+RUN curl -s "https://get.sdkman.io" | bash && \
+    echo "source $HOME/.sdkman/bin/sdkman-init.sh" >> $HOME/.bashrc && \
+    bash -c "source $HOME/.sdkman/bin/sdkman-init.sh && sdk install java 17.0.9-oracle && sdk install scala 3.3.0 && sdk install sbt 1.9.0"
+
+# Install GNAT and SPARK from AdaCore (still as root since no SDKMAN required here)
+USER root
+WORKDIR /gnat_tmp/
+RUN wget -O gnat-2021-x86_64-linux-bin https://community.download.adacore.com/v1/f3a99d283f7b3d07293b2e1d07de00e31e332325?filename=gnat-2021-20210519-x86_64-linux-bin \
+    && git clone https://github.com/AdaCore/gnat_community_install_script.git \
+    && chmod +x gnat_community_install_script/install_package.sh \
+    && chmod +x gnat-2021-x86_64-linux-bin \
+    && gnat_community_install_script/install_package.sh ./gnat-2021-x86_64-linux-bin /opt/GNAT/gnat-x86-2021 \
+    && rm -rf /gnat_tmp/
+
+# Set back to the non-root user for remaining tasks
+USER myuser
+WORKDIR /app/
 ENV PATH="/opt/GNAT/gnat-x86-2021/bin:${PATH}"
-#ENTRYPOINT ["/bin/bash"]
\ No newline at end of file
diff --git a/local-build.sh b/local-build.sh
index 4b0e179f..17aa6525 100644
--- a/local-build.sh
+++ b/local-build.sh
@@ -4,7 +4,7 @@ echo $1
 echo "****"
 source "$HOME/.sdkman/bin/sdkman-init.sh"
 cd /workdir/ || exit
-#git config --global --add safe.directory /app || exit
+git config --global --add safe.directory /app || exit
 git -C asn1scc pull || git clone /app/ asn1scc || exit
 cd asn1scc || exit
 git checkout $1 || exit