The docker group grants root-level privileges to the user
But, I guess Docker doesn't really tell you not to do this... and I feel like a lot of mac users are not used to adding sudo at the front of docker commands so... idk.
Docker does by default - it only works if you use sudo. But the docs tell you to add yourself to the docker group (which requires sudo to do). Then running docker doesn’t require sudo anymore.
Yeah, that's a terrible decision in the docs. Don't ever add a path where anything on the shell can execute user-modifyable code as root.
As soon as you do that, you lose any protection that comes from separating root users and non-root users. Because now any malicious program can just use docker to elevate its code to root.
Or don't give your user docker and use sudo to use the docker CLI to get the same effect. Hell, you could even alias docker as sudo docker to get the same feel.
Most systems I use will keep a sudo authentication session open for several minutes, so you don't have to repeatedly enter your password on every single command.
Suppose we all did read the docs. How possible is it with the complexity of a modern system to really take literally everything in account, and understand the implications oof everything to keep your system safe?
It's great that it's documented, but if security isn't the default option, it will lead to issues, and everything has become so complex, that imo correctly managing everything is literally impossible...
This is a systemic issue, not a user issue.
I don't think it would've been an issue if they just put a warning in the getting started section in the docs (or if they just have secure defaults to begin with). But currently there's no mention of it. It took almost a year for me to realise that I was running "production ready code" in root
I remember when I first needed to run containers I specifically went with podman because it doesn't require root access out of some vague fear that docker can be exploited to break my stuff. I feel validated.
Podman for the rescue. Runs fully under current user pribileges, so no sudo or other root-privileges needed to run containers.
(Especially useful for devs who want containers but should not get sudo.)
keep telling yourself that. if it was 2006 I would say you're right, but 20 years of corporate neglect and abuse has caused many developers to age out and not really give a shit anymore.
young devs don't want to just "fork it", they want to make a better product. to sell it. to IBM (or entities like them).
so yeah. you keep trusting that IBM bear in the corner won't maul you when you take a nap.
I'll stick with docker, the solution that outright refused to bend a knee to the worse corporate slaver in modern history.
How do you find running it as rootless? I have enough grief with docker as is... Don't really feel the need to further complicate things by going off the status quo.. but I'm guessing it's somewhat more secure.
Here’s a whole list of misconfigurations for specific binaries and the privileges they can accidentally provide. Useful for replacing the whale in your nightmares: https://gtfobins.org/
On the docker side, yes, it runs as root by default. If you want rootless containers, try podman.
For Claude code, no, by default it asks for every command if it's allowed to run. Either this user allowed all docker commands, allowed all commands, or allowed the to ai decide if the command is safe or not by itself (yes this is a real feature). (If this is Claude code, which I can't tell if it is)
I mean, there's a big ol' warning in the docs: https://docs.docker.com/engine/install/linux-postinstall/
But, I guess Docker doesn't really tell you not to do this... and I feel like a lot of mac users are not used to adding sudo at the front of docker commands so... idk.
Sounds like Docker is just inherently unsecure.
In the same way that sudo is.
Sudo makes you enter your password and docker doesn't?
Docker does by default - it only works if you use sudo. But the docs tell you to add yourself to the docker group (which requires sudo to do). Then running docker doesn’t require sudo anymore.
Yeah, that's a terrible decision in the docs. Don't ever add a path where anything on the shell can execute user-modifyable code as root.
As soon as you do that, you lose any protection that comes from separating root users and non-root users. Because now any malicious program can just use docker to elevate its code to root.
Or don't give your user docker and use sudo to use the docker CLI to get the same effect. Hell, you could even alias docker as
sudo dockerto get the same feel.Sudo can/usually does ask for password - but if you're feeling lucky you can use sudo without a password.
(Currently doing that after repeatedly failing to install an OS and have not yet felt compelled to change it back).
Most systems I use will keep a sudo authentication session open for several minutes, so you don't have to repeatedly enter your password on every single command.
It's a great feature - a necessary feature even. Tired using doas Linux port and that feature isn't supported - it was depressing.
Only if you tell it to.
… and the Nextcloud developers think it’s completely reasonable to build a plugin system where you give this access to a web facing PHP application.
What could possibly go wrong?
Sadly, nobody reads docs anymore. Now that I’m thinking, people never read the docs.
Suppose we all did read the docs. How possible is it with the complexity of a modern system to really take literally everything in account, and understand the implications oof everything to keep your system safe? It's great that it's documented, but if security isn't the default option, it will lead to issues, and everything has become so complex, that imo correctly managing everything is literally impossible... This is a systemic issue, not a user issue.
I don't think it would've been an issue if they just put a warning in the getting started section in the docs (or if they just have secure defaults to begin with). But currently there's no mention of it. It took almost a year for me to realise that I was running "production ready code" in root
I have never even looked at the Docker docs
Podman will save us from the Terminators.
I remember when I first needed to run containers I specifically went with podman because it doesn't require root access out of some vague fear that docker can be exploited to break my stuff. I feel validated.
Rootless docker exists now. Not sure why people still don't use it.
LXC! LXC! LXC!
Slowly reaches for shotgun…
I'm sorry Dave, I'm afraid I can't allow you to do that.
Podman for the rescue. Runs fully under current user pribileges, so no sudo or other root-privileges needed to run containers.
(Especially useful for devs who want containers but should not get sudo.)
there's just that pesky IBM thing that's constantly hanging around in the back waiting to pull the rug you're standing on.
It's all open source. If they do that it will just get forked, I don't really see the issue.
keep telling yourself that. if it was 2006 I would say you're right, but 20 years of corporate neglect and abuse has caused many developers to age out and not really give a shit anymore.
young devs don't want to just "fork it", they want to make a better product. to sell it. to IBM (or entities like them).
so yeah. you keep trusting that IBM bear in the corner won't maul you when you take a nap.
I'll stick with docker, the solution that outright refused to bend a knee to the worse corporate slaver in modern history.
¯\_(ツ)_/¯ I have faith in the open-source community. So far that's turned out pretty well.
You can run docker without root as well with docker rootless
TIL: uninstall docker on any machine with Claude code installed.
This was known for a decade now? That's why adding a user to docker group was always an additional step with a warning
And also why podman works the way it does
Or: dont let Claude code run whatever commands it wants. Read them before allowing.
I read them. I didnt understand them but I read them. It still fucked me.
Well yeah additionally: don't execute commands you don't understand. Not yourself, but especially not via claude
That's just letting it run any command it wants with more steps
Or: dont let Claude code run
Never ever add any users to the
dockergroup. Rootless mode is cool tho (albeit with some caveats)How do you find running it as rootless? I have enough grief with docker as is... Don't really feel the need to further complicate things by going off the status quo.. but I'm guessing it's somewhat more secure.
This is your regular reminder that docker isn't a sandboxing solution and shouldn't be treated as one.
A good write-up I came across 2 months ago: "Your container is not a sandbox" https://emirb.github.io/blog/microvm-2026/
Here’s a whole list of misconfigurations for specific binaries and the privileges they can accidentally provide. Useful for replacing the whale in your nightmares: https://gtfobins.org/
Is that normal config?
On the docker side, yes, it runs as root by default. If you want rootless containers, try podman.
For Claude code, no, by default it asks for every command if it's allowed to run. Either this user allowed all docker commands, allowed all commands, or allowed the to ai decide if the command is safe or not by itself (yes this is a real feature). (If this is Claude code, which I can't tell if it is)