Why allow "everyone" to have read write permission?

https://kb.synology.com/en-global/DSM/tutorial/Docker_container_cant_access_the_folder_or_file#x_anchor_idcd3f1170a3Open link

View original on programming.dev

Artwork

lemmy.world

The question is asked, yet no actual answer is given for the article.
A usual secure way is to set the bind-mounted modes to u+rwx and ownership to the container User UID, which you may check via docker inspect <container> or its image.

Meanwhile, nice choice for the NodeRed! ✨

User namespaces are an advanced feature and require coordination with other capabilities. For example, if volumes are mounted from the host, file ownership must be pre-arranged if you need read or write access to the volume contents.
Source: https://docs.docker.com/engine/security/userns-remap