Replies: 2 comments
-
|
You have a point. I'll need further justification, as a dockered ollama user who has no issue currently communicating with the models. I am fine with managing those instances directly through ollama. |
Beta Was this translation helpful? Give feedback.
-
|
I think this concern is valid, even if I would frame it less as “rootkit” and more as a high-trust host-control boundary. Mounting I think the useful question is whether this is required for the default deployment path. My preference would be:
This does not mean Docker integration is wrong. It just means the default should be conservative. Users who want Odysseus to manage containers can opt in, but users who only want to connect to an existing Ollama/vLLM server should not need to expose the host Docker daemon to the app container. |
Beta Was this translation helpful? Give feedback.
Uh oh!
There was an error while loading. Please reload this page.
-
https://github.com/pewdiepie-archdaemon/odysseus/commit/b3e186746ac5052728058b332b36720d061d04d3 exposes
/var/run/docker.sockto containers. If I understand it right, that gives API access to rootful Docker daemon, which can potentially mount and any other directory to any rogue script that command it.It looks like this makes Odysseus insecure against different rogue libs and info stealers.
Beta Was this translation helpful? Give feedback.
All reactions