Hacker News new | ask | show | jobs
by sorpaas 4140 days ago
That's for deleting apps, since docker volumes may produce something that only root can access. Haven't found ways to get around it, any suggestions?
1 comments
lbradstreet 4140 days ago
I assume you mean data outside the container?

Maybe you could at least silo the utility that needs to delete so that it can easily be inspected and so you don't have to trust the whole program.

link
richo 4140 days ago
Exactly. A setuid `delort-container` utility would be a good start.
link