this post was submitted on 01 Jun 2026
364 points (99.2% liked)
Programmer Humor
31632 readers
682 users here now
Welcome to Programmer Humor!
This is a place where you can post jokes, memes, humor, etc. related to programming!
For sharing awful code theres also Programming Horror.
Rules
- Keep content in english
- No advertisements
- Posts must be related to programming or programmer topics
founded 3 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Sounds like Docker is just inherently unsecure.
In the same way that sudo is.
Sudo makes you enter your password and docker doesn't?
Docker does by default - it only works if you use sudo. But the docs tell you to add yourself to the docker group (which requires sudo to do). Then running docker doesn’t require sudo anymore.
Yeah, that's a terrible decision in the docs. Don't ever add a path where anything on the shell can execute user-modifyable code as root.
As soon as you do that, you lose any protection that comes from separating root users and non-root users. Because now any malicious program can just use docker to elevate its code to root.
Sudo can/usually does ask for password - but if you're feeling lucky you can use sudo without a password.
(Currently doing that after repeatedly failing to install an OS and have not yet felt compelled to change it back).
Or don't give your user docker and use sudo to use the docker CLI to get the same effect. Hell, you could even alias docker as
sudo dockerto get the same feel.Only if you tell it to.