Synology

123 readers

10 users here now

Community to discuss Synology products including Network Attached Storage (NAS)

Rules

1. No off topic posts

Posts must be related to Synology

2. Be kind

No insults or overtly rude behavior. You can be right just try to be kind too.

founded 1 year ago

MODERATORS

notnotmike@programming.dev

Why allow "everyone" to have read write permission? (kb.synology.com)

submitted 1 day ago by hardful9856@programming.dev to c/synology@programming.dev

2 comments fedilink hide all child comments

https://kb.synology.com/en-global/DSM/tutorial/Docker_container_cant_access_the_folder_or_file#x_anchor_idcd3f1170a3

Why allow "everyone" to have read write permission to shared folders in order to run container manager? Wouldn't this be insecure?

top 2 comments

sorted by: hot top controversial new old

[–] artwork@lemmy.world 2 points 1 day ago* (last edited 15 hours ago) (1 children)

The question is asked, yet no actual answer is given for the article.
A usual secure way is to set the bind-mounted modes to u+rwx and ownership to the container User UID, which you may check via docker inspect <container> or its image.

Meanwhile, nice choice for the NodeRed! ✨

User namespaces are an advanced feature and require coordination with other capabilities. For example, if volumes are mounted from the host, file ownership must be pre-arranged if you need read or write access to the volume contents.
Source: https://docs.docker.com/engine/security/userns-remap

[–] hardful9856@programming.dev 1 points 18 hours ago

Thanks!