|
|
|
|
|
|
by crashoverdrive
4695 days ago
|
|
|
is this chroot or root, because, in my experience, don't you NOT want apps running as root? I suppose with containers having sub-level access it would be a difficult decision to choose which was more secure, giving docker full access to everything, or it not having control. It's a shame that its such a difficult place to change it, or that you can't select it at install. |
|
|
However, you can very easily drop the privileges of the application running inside each container, with "docker run -u <USER>". This is definitely recommended for several use cases, for example running untrusted code on shared hardware.