I am using a CentOS 6.9 system of High performance computation platform and I wanna use docker with non-root user. Is there a method that I can build docker from source and do not need root privilege?
解决方案
This shouldn't be possible as it would be a major security concern.
When docker is installed on a machine, users with docker access (not necessarily root) can start containers. In particular, they can start containers in priviliged mode, giving the container access to all host devices.
More importantly, A user with access to docker can mount directories owned exclusively by machine root. Since by default, a root user inside the container will have access to mounted root-owned directories inside the container, this will allow any Docker container started by a non-root user to access critical machine stuff.
Therefore, the sequence of having a non-root user install Docker and start containers should not be allowed as it can compromise the whole machine.
Check this explicit comment from one of the docker maintainers.
1823
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
