Coderabbit requested fixes.

Adam Outler
2025-12-21 20:18:59 +00:00
parent 492c6e3883
commit 24c806005f
2 changed files with 3 additions and 6 deletions


@@ -9,7 +9,7 @@
#
# Stage 2. Runner builds the bare minimum requirements to create an operational NetAlertX. The primary
# reason for breaking at this stage is it leaves the system in a proper state for devcontainer operation
# This image also provides a break-out point for users who wish to execute the anti-pattern of using a
# This image also provides a break-out point for uses who wish to execute the anti-pattern of using a
# docker container as a VM for experimentation and various development patterns.
#
# Stage 3. Hardened removes root, sudoers, folders, permissions, and locks the system down into a read-only
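Review bot: One of the two variants of the changed comment line in the Stage 2 description reads `uses who wish to execute the anti-pattern`, which is a typo for `users`. The rendering has lost the +/- markers, so it is not certain which variant is the new side. If the `uses` spelling is what the commit leaves in the file, restore `# This image also provides a break-out point for users who wish to execute the anti-pattern of using a`. The preceding sentence, ending `devcontainer operation`, is also missing its full stop before `This image also provides`.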


@@ -1183,10 +1183,7 @@ def test_restrictive_permissions_handling(tmp_path: pathlib.Path) -> None:
_assert_contains(result_root, "NetAlertX is running as ROOT", result_root.args)
_assert_contains(result_root, "Permissions fixed for read-write paths", result_root.args)
# Verify the fix actually happened
data_host_path = paths["data"]
check_cmd = [
"docker", "run", "--rm",
"--entrypoint", "/bin/sh",
@@ -1195,7 +1192,7 @@ def test_restrictive_permissions_handling(tmp_path: pathlib.Path) -> None:
"-c", "ls -ldn /data/db && touch /data/db/test_write_after_fix"
]
# Add all volumes to check_cmd too
for host_path, target, readonly in volumes:
for host_path, target, _readonly in volumes:
check_cmd.extend(["-v", f"{host_path}:{target}"])
check_result = subprocess.run(