diff --git a/docker/Dockerfile b/docker/Dockerfile
index 9ce5e6e1d..38e37e61b 100644
--- a/docker/Dockerfile
+++ b/docker/Dockerfile
@@ -4,38 +4,34 @@ RUN apt-get update && \
     apt-get install --no-install-recommends -y build-essential git libportaudio2 && \
     rm -rf /var/lib/apt/lists/*
 
-# Permission kludges to support `docker run --user xxx`
-RUN mkdir       /.aider /app /.cache
-RUN chmod a+rwx /.aider /app /.cache
+WORKDIR /app
+
+RUN python -m venv /venv
+ENV PATH="/venv/bin:$PATH"
 
 # So git doesn't complain about unusual permissions
 RUN git config --system --add safe.directory /app
 
-# So pip installs work
-RUN chmod a+rwx /usr/local/lib/python3.10/site-packages /usr/local/*
-
-WORKDIR /app
-
 #########################
 FROM base AS aider-full
 
-COPY . /aider
+COPY . /tmp/aider
 RUN pip install --upgrade pip \
-    && pip install --no-cache-dir /aider[help,browser,playwright] \
+    && pip install --no-cache-dir /tmp/aider[help,browser,playwright] \
        --extra-index-url https://download.pytorch.org/whl/cpu \
-    && rm -rf /aider
+    && rm -rf /tmp/aider
 
 RUN playwright install --with-deps chromium
 
-ENTRYPOINT ["aider"]
+ENTRYPOINT ["/venv/bin/aider"]
 
 #########################
 FROM base AS aider
 
-COPY . /aider
+COPY . /tmp/aider
 RUN pip install --upgrade pip \
-    && pip install --no-cache-dir /aider \
+    && pip install --no-cache-dir /tmp/aider \
        --extra-index-url https://download.pytorch.org/whl/cpu \
-    && rm -rf /aider
+    && rm -rf /tmp/aider
 
-ENTRYPOINT ["aider"]
+ENTRYPOINT ["/venv/bin/aider"]