[jon-wood]

Because it effectively makes no difference to my security posture. My user account also has sudo access (it requests TouchID but I also wouldn't die on the hill if someone said they have no password sudo access), and realistically everything of value on this machine exists in my home directory. Being able to escalate to root really doesn't give an attacker very much that they don't already have if they've got access to my user account.

[dangus]

Maybe you don’t do anything with your computer but for me the difference between my sudo+password/fingerprint and sudoless access to my linux user is huge.

For one thing, 1Password unlocks with system authentication unless it’s been inactive for a certain amount of time or if the system has been restarted.

Without sudo you can’t modify my firewall rules, can’t modify my kernel, boot partition, install/run privileged software, and the list goes on and on.

Sure, having my local account compromised would be really bad, but security is done in layers. I’m not going to give my local user permanent root access via docker just because I didn’t feel like typing “sudo.” That’s not enough of a benefit to leave that door wide open.

Think about it this way: there could be an exploit where you could run something as my user without knowing my password. Maybe some program my user is running has an exploit, let’s say yet another npm package gets compromised and I unwittingly run it. If you can now run anything in docker as root with that blast radius just got way worse.