diff --git a/docker/Dockerfile b/docker/Dockerfile
index be94d29..420a783 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -22,25 +22,24 @@ FROM python:3.11-slim
 # Set working directory
 WORKDIR /app
 
-# Copy Python dependencies from builder
-COPY --from=builder /root/.local /root/.local
+# Create non-root user for security
+RUN useradd -m -u 1000 -s /bin/bash aegis
+
+# Copy Python dependencies from builder to aegis user's home
+COPY --from=builder --chown=aegis:aegis /root/.local /home/aegis/.local
 
 # Copy application code
-COPY src/ ./src/
+COPY --chown=aegis:aegis src/ ./src/
 
 # Create directory for audit logs
 RUN mkdir -p /var/log/aegis-mcp && \
- chmod 755 /var/log/aegis-mcp
-
-# Create non-root user for security
-RUN useradd -m -u 1000 -s /bin/bash aegis && \
- chown -R aegis:aegis /app /var/log/aegis-mcp
+ chown -R aegis:aegis /var/log/aegis-mcp
 
 # Switch to non-root user
 USER aegis
 
 # Add user's local bin to PATH
-ENV PATH=/root/.local/bin:$PATH
+ENV PATH=/home/aegis/.local/bin:$PATH
 ENV PYTHONPATH=/app/src:$PYTHONPATH
 
 # Expose MCP server port
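Review bot: Both `COPY` lines on the new side pass `--chown=aegis:aegis`, so the application source under `/app/src` and the packages under `/home/aegis/.local` are writable by the same account the server runs as. Any flaw that yields file-write access inside the container could then alter the code or its dependencies, while only `/var/log/aegis-mcp` appears to need write access. Consider leaving the code root-owned and readable, e.g. `COPY src/ ./src/`, and placing the dependencies outside the user's home, since a root-owned `.local` inside a home the user owns can still be replaced; the builder stage is outside this hunk, so the install path is for the author to choose. Dropping `/app` from the recursive `chown` also leaves `/app` itself owned by root, which suits a read-only code directory but would break anything that writes there at runtime. A comment such as `# Only the audit log directory is writable by aegis` above the `RUN mkdir` line would record the intent.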