Docker worst practices

I was arguing this week about the convenience of giving some users permission to launch containers by putting them in the “docker” group.

Even though the official documentation discourages this practice, I’ve found some blogs and even Stack Overflow answers that put users in the “docker” group to solve container-related problems.

The ideal situation would be running rootless containers, which is easy using Podman but wasn’t officially supported by Docker prior to version 20.10.

This is an example of what can happen if an unprivileged user is added to the docker group.

docker privilege escalation
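A small audit script, added here as an example (it is not part of the original post), for checking the conditions the post warns about: who is in the docker group, whether the daemon socket is group-writable, and whether the installed Docker is at least version 20.10, where rootless mode is officially supported. The /etc/group content, user names, version string and socket mode below are constructed sample data.

```shell
#!/bin/sh
# Added example: defensive checks for docker-group exposure.
# All sample inputs are constructed; replace them with real data
# (cat /etc/group, docker version, ls -l /var/run/docker.sock) when auditing.

# Constructed stand-in for /etc/group (hypothetical users alice and bob).
SAMPLE_GROUP='root:x:0:
docker:x:999:alice,bob
wheel:x:10:alice'

# Print the comma-separated member list of the docker group, reading
# /etc/group-style text from stdin. Every name printed here effectively has root.
docker_group_members() {
    awk -F: '$1 == "docker" { print $4 }'
}

# Return 0 when the daemon version (e.g. "20.10.7") is at least 20.10,
# the first release where rootless mode is officially supported.
rootless_supported() {
    major=${1%%.*}
    rest=${1#*.}
    minor=${rest%%.*}
    [ "$major" -gt 20 ] || { [ "$major" -eq 20 ] && [ "$minor" -ge 10 ]; }
}

# Return 0 when an ls -l style mode string (e.g. "srw-rw----") has the group
# write bit set; a group-writable docker.sock is what makes membership root.
socket_group_writable() {
    case "$1" in
        ?????w*) return 0 ;;
        *)       return 1 ;;
    esac
}

# Run all checks against constructed inputs and print a short report.
audit_docker_exposure() {
    group_text=$1; version=$2; sock_mode=$3
    members=$(printf '%s\n' "$group_text" | docker_group_members)
    [ -n "$members" ] && echo "WARN: docker group members (root-equivalent): $members"
    socket_group_writable "$sock_mode" && echo "WARN: docker.sock is group-writable ($sock_mode)"
    if rootless_supported "$version"; then
        echo "INFO: Docker $version supports rootless mode; prefer it over docker-group access"
    else
        echo "WARN: Docker $version predates 20.10; rootless mode not officially supported"
    fi
}

audit_docker_exposure "$SAMPLE_GROUP" "20.10.7" "srw-rw----"
```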