The docker command doesn’t have to allow you to run commands as administrator to function properly. You can simply leave the docker group empty and run docker commands via sudo. Using the docker group is essentially equivalent to enabling passwordless sudo as far as security is concerned.
This works if you trust every program you run with silent root privileges. Sure, don’t run untrusted code in general, but I think it’s generally good practice to lock down root privileges as much as possible. Layered security and all that.
Not silent, the passwordless sudo calls are logged and available for review. I do trust that after several months in a sandbox without calling sudo, it’s unlikely that a sleeper agent will awaken and call sudo out of the blue - more likely that my apps that have been calling sudo will do something nefarious on the 1000th access…
Somebody (possibly an AI agent…) could/should automate the process of transcribing the sudo logs to the NOPASSWD setup, just leave sudo unlocked for those things that show up as needing it during validation test runs and turn the sudo lock back on for everything else.
The docker command doesn’t have to allow you to run commands as administrator to function properly. You can simply leave the docker group empty and run docker commands via sudo. Using the docker group is essentially equivalent to enabling passwordless sudo as far as security is concerned.
I’m glad you explained this. I’ve been using docker for years and have always used sudo docker
That’s fair. So it’s more like you already have a door on the second floor, that door is unlocked, and a ladder in your garage.
In this case the LLM knows about the ladder, but you forgot about it because you’re talking about the fridge on the first floor.
This is the way. Physical security FTW.
This works if you trust every program you run with silent root privileges. Sure, don’t run untrusted code in general, but I think it’s generally good practice to lock down root privileges as much as possible. Layered security and all that.
Not silent, the passwordless sudo calls are logged and available for review. I do trust that after several months in a sandbox without calling sudo, it’s unlikely that a sleeper agent will awaken and call sudo out of the blue - more likely that my apps that have been calling sudo will do something nefarious on the 1000th access…
Somebody (possibly an AI agent…) could/should automate the process of transcribing the sudo logs to the NOPASSWD setup, just leave sudo unlocked for those things that show up as needing it during validation test runs and turn the sudo lock back on for everything else.