The docker group grants root-level privileges to the user
But, I guess Docker doesn’t really tell you not to do this… and I feel like a lot of mac users are not used to adding sudo at the front of docker commands so… idk.
Docker does by default - it only works if you use sudo. But the docs tell you to add yourself to the docker group (which requires sudo to do). Then running docker doesn’t require sudo anymore.
Yeah, that’s a terrible decision in the docs. Don’t ever add a path where anything on the shell can execute user-modifyable code as root.
As soon as you do that, you lose any protection that comes from separating root users and non-root users. Because now any malicious program can just use docker to elevate its code to root.
Or don’t give your user docker and use sudo to use the docker CLI to get the same effect. Hell, you could even alias docker as sudo docker to get the same feel.
Most systems I use will keep a sudo authentication session open for several minutes, so you don’t have to repeatedly enter your password on every single command.
Suppose we all did read the docs. How possible is it with the complexity of a modern system to really take literally everything in account, and understand the implications oof everything to keep your system safe?
It’s great that it’s documented, but if security isn’t the default option, it will lead to issues, and everything has become so complex, that imo correctly managing everything is literally impossible…
This is a systemic issue, not a user issue.
I mean, there’s a big ol’ warning in the docs: https://docs.docker.com/engine/install/linux-postinstall/
But, I guess Docker doesn’t really tell you not to do this… and I feel like a lot of mac users are not used to adding sudo at the front of docker commands so… idk.
Sounds like Docker is just inherently unsecure.
In the same way that sudo is.
Sudo makes you enter your password and docker doesn’t?
Docker does by default - it only works if you use sudo. But the docs tell you to add yourself to the docker group (which requires sudo to do). Then running docker doesn’t require sudo anymore.
Yeah, that’s a terrible decision in the docs. Don’t ever add a path where anything on the shell can execute user-modifyable code as root.
As soon as you do that, you lose any protection that comes from separating root users and non-root users. Because now any malicious program can just use docker to elevate its code to root.
Or don’t give your user docker and use sudo to use the docker CLI to get the same effect. Hell, you could even alias docker as
sudo dockerto get the same feel.Sudo can/usually does ask for password - but if you’re feeling lucky you can use sudo without a password.
(Currently doing that after repeatedly failing to install an OS and have not yet felt compelled to change it back).
Most systems I use will keep a sudo authentication session open for several minutes, so you don’t have to repeatedly enter your password on every single command.
It’s a great feature - a necessary feature even. Tired using doas Linux port and that feature isn’t supported - it was depressing.
Only if you tell it to.
… and the Nextcloud developers think it’s completely reasonable to build a plugin system where you give this access to a web facing PHP application.
What could possibly go wrong?
Sadly, nobody reads docs anymore. Now that I’m thinking, people never read the docs.
Suppose we all did read the docs. How possible is it with the complexity of a modern system to really take literally everything in account, and understand the implications oof everything to keep your system safe? It’s great that it’s documented, but if security isn’t the default option, it will lead to issues, and everything has become so complex, that imo correctly managing everything is literally impossible… This is a systemic issue, not a user issue.
Removed by mod
deleted by creator
I have never even looked at the Docker docs