| https://docs.docker.com/desktop/mac/permission-requirements/ This link breaks down what permissions are used on MacOS. > Maybe I’m using the wrong term Typically, the meaningful piece with "rootless" Docker is that the daemon is not running as root. When the Docker daemon is running as root on a Linux server, for example, anyone who can access the daemon (i.e. anyone in the "docker" group) has enough access to the system can do catastrophic damage with the access they have. For example, the docker daemon can mount any file on the host's filesystem (i.e. "-v /etc/shadow:/tmp/shadow"). With Docker running as root, anyone with access to the Docker daemon has the power to do almost anything to the system. With rootless Docker, that issue is mitigated heavily because the Docker context is restricted to an unprivileged user context. > but when installing Docker, you need root access, and not for Podman According to Podman Desktop's docs, it asks for admin permission when installing on MacOS: https://podman-desktop.io/docs/Installation/macos-install That being said, I don't personally see any security value added or removed by an installer process needing to elevate privileges. That's a one-time thing and likely should require admin privileges. |
Where I worked before we didn’t have root access on our laptops, so we couldn’t install Docker.
I’ve switched company since, but my former coworkers were able to install Podman (not Podman Desktop) without root access.