sXe79/Joomla4

Wrongly allow access to .sql files

Opened this issue · 0 comments

Hi, I'm a security researcher who has recently been working on your Docker image sxe79/joomla4x on DockerHub. Since there is no place to report it on DockerHub, I searched and found your repo here to report a security issue in that Docker image.

After I set up the image, it seems that all SQL files in /administrator/components/com_admin/sql/updates are open to public access, which is quite unsafe and exposes information to attackers.

Would it be better to block that access in your docker image? Thanks!

Best,
-ct
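
A maintainer-side check for the exposure reported above, as an added example that is not part of the original issue or of the image's code. It assumes you have a copy of the image's web document root on disk and the base URL of a running container; the function names are hypothetical.

```python
import os
import urllib.error
import urllib.request
from urllib.parse import quote


def http_status(url, timeout=5):
    """Return the HTTP status code the server gives for a GET of url."""
    try:
        with urllib.request.urlopen(url, timeout=timeout) as resp:
            return resp.status
    except urllib.error.HTTPError as err:
        return err.code  # 403, 404 and similar arrive as exceptions


def sql_url_paths(docroot):
    """URL paths (relative to the site root) of every .sql file under docroot."""
    paths = []
    for dirpath, _dirs, files in os.walk(docroot):
        for name in files:
            if name.lower().endswith(".sql"):
                rel = os.path.relpath(os.path.join(dirpath, name), docroot)
                paths.append("/" + quote(rel.replace(os.sep, "/")))
    return sorted(paths)


def exposed_sql(docroot, base_url, fetch=http_status):
    """Return the .sql URL paths that the server actually serves (status 200).

    fetch is injectable so the logic can be exercised without a live server.
    """
    base = base_url.rstrip("/")
    return [p for p in sql_url_paths(docroot) if fetch(base + p) == 200]


if __name__ == "__main__":
    import sys
    # Usage (assumed invocation): script.py <docroot copy> <container base URL>
    docroot, base_url = sys.argv[1], sys.argv[2]
    leaked = exposed_sql(docroot, base_url)
    for path in leaked:
        print("served:", path)
    sys.exit(1 if leaked else 0)  # non-zero exit fails an image build or CI job
```

Run against the container before and after adding a deny rule for `.sql` files in the web server configuration; an empty result means none of the files under the document root are being served.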