Maybe I should rephrase that @avalander
. Must be run with root privillages. Which is what the docker group enables you do do without the sudo command. As any commands that are run in a docker container run with root permissions in the host when directories or files are shared. See Docker surface level attack.
You can setup the docker process to run as a manually created user who has the docker group and reduced permissions elsewhere, but it becomes less and less convenient to setup and use.
I am a certified trainer that likes to share my knowledge with the world.
Also, I am an adopter of continuous learning and evolving idea.
https://dev.to/wolfiton/who-am-i-3lj7
Maybe I should rephrase that @avalander . Must be run with root privillages. Which is what the docker group enables you do do without the sudo command. As any commands that are run in a docker container run with root permissions in the host when directories or files are shared. See Docker surface level attack.
You can setup the docker process to run as a manually created user who has the docker group and reduced permissions elsewhere, but it becomes less and less convenient to setup and use.
Thanks for explaining more with examples and also for the warning regarding the surface attack.