What problem or use case are you trying to solve?
I apologize if others think this is a non-issue but given mounting the docker socket via -v /var/run/docker.sock:/var/run/docker.sock is essentially equivalent to granting root control of the host (at least as far as I understand), I would love a way to avoid that. If OpenHands runs in a docker container already, why does it need docker-in-docker execution (with the inherent security risk of having access to the socket) rather than just letting the code run locally within the container? AI-generated code should not be able to do much damage in a container as long as it runs as a non-privileged user that may only have access to a limited set of folders and the OpenHands source code in the container is protected? Let me know if I am missing something.
Describe the UX of the solution you'd like
I would like a flag that allows me to run OpenHands with local code execution within the container (rather than docker-in-docker via exposed socket) if it is launched inside a docker image.
Do you have thoughts on the technical implementation?
Not yet.
Describe alternatives you've considered
I am guessing I could run OpenDevin locally on my machine rather than in the docker container? This appears to me more secure since I am not granting any inadvertent root privileges? In that case maybe it would be possible to provide installation instructions other than the docker image method? (note I am newer to some of these security considerations, so apologies if there is a logic flaw here).
Additional context
Again, I apologize if others think mounting the socket is a non-issue but it always makes me uncomfortable for code I don't know well.
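
Added example (not part of the original issue and not OpenHands code): a small audit over `docker inspect` JSON that flags the two conditions the issue is about, a bind mount that exposes the Docker socket and a container that runs as root. The container names and the sample JSON are constructed; the script assumes an empty `Config.User` means the container runs as root.

```python
import json

# Socket path from the issue, plus /run/docker.sock (commonly the same file via symlink).
SOCKETS = ("/var/run/docker.sock", "/run/docker.sock")

# Constructed sample in the shape of `docker inspect` output (not from a real host).
SAMPLE_INSPECT = json.dumps([
    {"Name": "/agent-with-socket",
     "Config": {"User": ""},
     "HostConfig": {"Privileged": False,
                    "Binds": ["/var/run/docker.sock:/var/run/docker.sock"]},
     "Mounts": [{"Type": "bind", "Source": "/var/run/docker.sock",
                 "Destination": "/var/run/docker.sock", "RW": True}]},
    {"Name": "/agent-local-exec",
     "Config": {"User": "1000:1000"},
     "HostConfig": {"Privileged": False, "Binds": ["/srv/workspace:/workspace"]},
     "Mounts": [{"Type": "bind", "Source": "/srv/workspace",
                 "Destination": "/workspace", "RW": True}]},
])

def exposes_socket(source):
    """True if a host path is the Docker socket or a directory containing it."""
    if not source:
        return False
    src = source.rstrip("/")  # "/" becomes "", so mounting the host root also matches
    return any(sock == src or sock.startswith(src + "/") for sock in SOCKETS)

def audit_container(c):
    """Return a list of findings for one container record from `docker inspect`."""
    findings = []
    host_cfg = c.get("HostConfig") or {}
    sources = {m.get("Source", "") for m in c.get("Mounts") or []}
    sources |= {b.split(":", 1)[0] for b in host_cfg.get("Binds") or []}
    if any(exposes_socket(s) for s in sources):
        findings.append("docker-socket-mounted")
    if host_cfg.get("Privileged"):
        findings.append("privileged")
    user = ((c.get("Config") or {}).get("User") or "").split(":", 1)[0]
    if user in ("", "0", "root"):  # assumption: empty User means root
        findings.append("runs-as-root")
    return findings

def audit(inspect_json):
    """Map container name -> findings for a JSON array as printed by `docker inspect`."""
    return {c.get("Name", "?").lstrip("/"): audit_container(c)
            for c in json.loads(inspect_json)}

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_INSPECT).items():
        print(name, findings or "ok")
```

On a real host, feed it the output of `docker inspect` for the running containers instead of the constructed sample.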