- cross-posted to:
- selfhosted@lemmy.world
- cross-posted to:
- selfhosted@lemmy.world
Why allow “everyone” to have read write permission to shared folders in order to run container manager? Wouldn’t this be insecure?
You must log in or # to comment.
The question is asked, yet no actual answer is given for the article.
A usual secure way is to set the bind-mounted modes tou+rwxand ownership to the container User UID, which you may check viadocker inspect <container>or its image.Meanwhile, nice choice for the NodeRed! ✨
User namespaces are an advanced feature and require coordination with other capabilities. For example, if volumes are mounted from the host, file ownership must be pre-arranged if you need read or write access to the volume contents.
Source: https://docs.docker.com/engine/security/userns-remapThanks!



