diff --git a/Dockerfile b/Dockerfile
index da2df38..7fdc5b6 100644
--- a/Dockerfile
+++ b/Dockerfile
@@ -3,9 +3,14 @@ FROM alpine:3.20
 RUN apk --no-cache add \
     socat
 
-ADD ./entrypoint.sh /usr/local/bin/entrypoint
+COPY --chmod=755 ./entrypoint.sh /usr/local/bin/entrypoint
 
-EXPOSE 53/udp
+RUN addgroup -S edns \
+    && adduser -S edns -G edns
+
+USER edns
+
+EXPOSE 11053/udp
 
 ENTRYPOINT [ "entrypoint" ]
 
diff --git a/entrypoint.sh b/entrypoint.sh
index f887874..58e20eb 100644
--- a/entrypoint.sh
+++ b/entrypoint.sh
@@ -39,4 +39,4 @@ while [ "$#" != "0" ]; do
   shift
 done
 
-exec socat $debug UDP4-RECVFROM:53,fork,bind="$bind" UDP4-SENDTO:127.0.0.11:53
\ No newline at end of file
+exec socat $debug UDP4-RECVFROM:11053,fork,bind="$bind" UDP4-SENDTO:127.0.0.11:53
\ No newline at end of file