What are best practices to solve `All files/directories will have '-rwxr-xr-x' permissions` when building docker images on Windows?

When a docker image is built on a Windows host the following message is returned:

SECURITY WARNING: You are building a Docker image from Windows against a non-Windows
Docker host. All files and directories added to build context will have '-rwxr-xr-x'
permissions. It is recommended to double check and reset permissions for sensitive files 
and directories.

It is not currently possible to disable that warning, see discussions on Issue 20397:


That warning was added, because the Windows filesystem does not have
an option to mark a file as 'executable'. Building a linux image from
a Windows machine would therefore break the image if a file has to be
marked executable.


For that reason, files are marked executable by default when building
from a windows client; the warning is there so that you are notified
of that, and (if needed), modify the Dockerfile to change/remove the
executable bit afterwards.

In a sense this also means it's practically impossible to actually solve the issue.

What maybe can help a bit is moving the error message from stderr to stdout, released in docker 17.04. See Issue 29856.

StackExchange DevOps Q#1672, answer score: 5