Why allow "everyone" to have read write permission?
(kb.synology.com)
from hardful9856@programming.dev to selfhosted@lemmy.world on 16 May 04:00
https://programming.dev/post/50467870
from hardful9856@programming.dev to selfhosted@lemmy.world on 16 May 04:00
https://programming.dev/post/50467870
kb.synology.com/…/Docker_container_cant_access_th…
Why allow “everyone” to have read write permission to shared folders in order to run container manager? Wouldn’t this be insecure?
threaded - newest
That seems to be what Synology is suggesting, and you’re right, this wouldn’t be the best configuration if security is the goal.
I mean unless specified otherwise most Synology container management dockers will run as root. With that said, if you want to secure things then there are guides.
An alternative path would be to setup a specific docker user and use docker compose to use that user when installing images
drfrankenstein.co.uk/step-2-setting-up-a-restrict…
Jellyfin example
drfrankenstein.co.uk/jellyfin-in-container-manage…
From there you could go further and use the guides above to create one user per docker image and give them different permissions depending on need.