
Whalebrew – Homebrew, but with Docker images - jonbaer
https://github.com/bfirsh/whalebrew
======
caleblloyd
Neat idea. A few problems that I can see:

\- this had the potential to use a lot of disk space by pulling many different
base layers

\- are UIDs inside the container forced to match the current user UID? The
container can run anything as root. If the container writes a file with root,
host will have to `chown` to use it

\- It looks like only `pwd` is mounted. What if a command references a file
outside of `pwd`, like ../file.txt

The concept is neat but the issue with root is a huge security concern. What
about instead providing a single image with proper permissions? Then
installing packages inside of that container? You could even create different
instances of the container. This would also solve the disk size issue since
the base image would always be the same. And since you trust the image, you
could mount `/` into it to allow commands outside `pwd`

~~~
caleblloyd
Thread seems to have moved to
[https://news.ycombinator.com/item?id=13503568](https://news.ycombinator.com/item?id=13503568),
I've re-posted this comment over there

