[goatinaboat]

That's only a problem if you allow untrusted users operate the docker daemon.

Sure, if you trust every developer in your company with the root password anyway, why not? That might be true at Docker (the company), I don’t know. Certainly wasn’t true at one company I worked at with 30,000 devs...

By the way, this problem does not exist with competing container tools like Podman/Buildah.

[raesene9]

Why would you be allowing devs to directly deploy to production in a company with 30,000 developers?

Surely you'd have proper release management where Ops teams would review deployment artifacts before deploying them?

[goatinaboat]

You wouldn’t but you wouldn’t give every dev root access to every dev box either... would you?

[PeterisP]

Not necessarily every dev box, but I'd say that in most environments it's reasonable that devs would have full permissions in any "their" dev boxes/VMs. If you split boxes/VMs across devs instead of sharing them, then the access would be limited to whatever people are assigned to own that box, but they'd have full access. I mean, if something breaks, it should be trivial to reset that machine or get a new one, VMs can be cloned and spawned in seconds and there's no reason not to spend an hour once so that you automatically get a fully working dev environment with all the tooling needed.

In any case the notion of "the root password" seems weird, root passwords should be unique (even for VMs), randomly generated, and mostly not used; in most situations you'd use publickey authentication instead of passwords.

[raesene9]

I'd have developers working in Dev VMs on their laptops, and sure I'd let them have root access to those.