diff --git a/Dockerfile b/Dockerfile index 451e536..6547fe8 100644 --- a/Dockerfile +++ b/Dockerfile @@ -14,6 +14,13 @@ RUN apk add --no-cache libbz2 libzip libcap sudo && \ # allow php binary to bind ports <1000, even if $USER != root RUN /usr/sbin/setcap CAP_NET_BIND_SERVICE=+eip /usr/local/bin/php +# remove unnecessary users +RUN deluser xfs && \ + deluser www-data + +# sudo: workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1773148 +RUN echo "Set disable_coredump false" > /etc/sudo.conf + # prepare files RUN rm -rf /var/www/html && \ mkdir -p /usr/local/share/webapps/ifm && \ diff --git a/docker-startup.sh b/docker-startup.sh index d577486..0c56b8c 100755 --- a/docker-startup.sh +++ b/docker-startup.sh @@ -2,25 +2,34 @@ set -e if [ ! -z $IFM_DOCKER_UID ]; then + # check if UID/GID are numeric + if ! echo "$IFM_DOCKER_UID$IFM_DOCKER_GID" | egrep "^[0-9]+$" >/dev/null 2>&1; then + echo "FATAL: IFM_DOCKER_UID or IFM_DOCKER_GID are not numeric (UID: $IFM_DOCKER_UID, GID: $IFM_DOCKER_GID)" + exit 1 + fi + + # get GID if not set if [ -z $IFM_DOCKER_GID ]; then export IFM_DOCKER_GID=$IFM_DOCKER_UID fi + + # delete user if already exists if getent passwd $IFM_DOCKER_UID >/dev/null 2>&1; then deluser $(getent passwd $IFM_DOCKER_UID | sed "s/:.*//") fi + + # check if group already exists if ! getent group $IFM_DOCKER_GID >/dev/null 2>&1; then - addgroup -g $IFM_DOCKER_GID -S ifm - REAL_GROUP=ifm + addgroup -g $IFM_DOCKER_GID -S www-data + REAL_GROUP=www-data else REAL_GROUP=$(getent group $IFM_DOCKER_GID | sed "s/:.*//") fi - adduser -u $IFM_DOCKER_UID -HDG $REAL_GROUP ifm - sudo -E -u ifm -c "php -S 0:80 -t /usr/local/share/webapps/ifm" + + adduser -u $IFM_DOCKER_UID -SHDG $REAL_GROUP www-data else - deluser xfs - deluser www-data addgroup -g 33 -S www-data adduser -SHD -u 33 -G www-data www-data - sudo -E -u www-data php -S 0:80 -t /usr/local/share/webapps/ifm fi +sudo -Eu www-data /usr/local/bin/php -S 0:80 -t /usr/local/share/webapps/ifm
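Review bot: The new `/etc/sudo.conf` line in the Dockerfile hunk turns off a sudo hardening default, and the comment above it does not say so. sudo disables core dumps of itself by default so that its memory is not written to disk; `Set disable_coredump false` re-enables them for the process that launches PHP. The `>` redirect also replaces whatever `/etc/sudo.conf` the base image shipped, which may be intended but is not stated. I would extend the comment to record both, for example `# sudo: workaround for https://bugzilla.redhat.com/show_bug.cgi?id=1773148; overwrites /etc/sudo.conf and re-enables core dumps of sudo itself, remove once the packaged sudo carries the fix`.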
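Review bot: The numeric check added at the top of the `IFM_DOCKER_UID` branch in docker-startup.sh is line-based and accepts 0. `egrep "^[0-9]+$"` succeeds when any single line of its input matches, so a value with an embedded newline still reaches the unquoted `getent`/`deluser`/`adduser` arguments further down. With a UID of 0, the lines below delete the account that holds that UID (root) and recreate `www-data` with it, so the final `sudo -Eu www-data` would run PHP as UID 0. A `case` pattern over the whole value plus an explicit zero test closes both gaps, and the FATAL message belongs on stderr. The `if` block continues past the rewritten lines; if running as UID 0 is meant to be supported, keep only the `case` part.

```shell
if [ ! -z $IFM_DOCKER_UID ]; then
  # check if UID/GID are numeric; case matches the whole value, not line by line
  case "$IFM_DOCKER_UID$IFM_DOCKER_GID" in
    *[!0-9]*)
      echo "FATAL: IFM_DOCKER_UID or IFM_DOCKER_GID are not numeric (UID: $IFM_DOCKER_UID, GID: $IFM_DOCKER_GID)" >&2
      exit 1
      ;;
  esac

  # refuse UID 0: the steps below would delete root and hand its UID to www-data
  if [ "$IFM_DOCKER_UID" -eq 0 ]; then
    echo "FATAL: IFM_DOCKER_UID must not be 0" >&2
    exit 1
  fi

  # … unchanged: GID default, user and group setup …
```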