I am a Developer Advocate for Security in Mobile Apps and APIs at approov.io.
Another passion is the Elixir programming language that was designed to be concurrent, distributed and fault tolerant.
Location
Scotland
Education
Self teached Developer
Work
Developer Advocate for Mobile and API Security at approov.io
Do you use your operating system as the root user? No, you have your unprivileged user ;)
So the same rules must be applied for Docker or any other software that needs sudo.
Please don't put security over convenience, because that is exactly what attackers expect and is how they often compromise production systems.
They first gain access via the developer machine or via testing or staging environments that are not properly secured, because people often just think exactly as you:
but I think we can use it for our local env and make our life easier
Do you use your operating system as the root user? No, you have your unprivileged user ;)
So the same rules must be applied for Docker or any other software that needs sudo.
Please don't put security over convenience, because that is exactly what attackers expect and is how they often compromise production systems.
They first gain access via the developer machine or via testing or staging environments that are not properly secured, because people often just think exactly as you:
Nice , Thanks a million for sharing your expensive experience