Image and container ownership metadata

[markllama]

Does this mean that downloaded images and running containers would also be marked with ownership?

Authenticated users on a docker host would be granted access only to images and containers which were marked as owned by them, or to which they had been granted access by the owner or admin?

If Alice (the ubiquitous Alice) pulled image A and later Bob pulled image A or some image which is based on A, what would happen when either Alice or Bob attempt to docker rmi A?

[rhatdan]

Does this mean that downloaded images and running containers would also be marked with ownership?

Yes we are looking into grouping of "container images" together as well as grouping users then allowing a mapping between images and users. Pretty much what you would expect.

Authenticated users on a docker host would be granted access only to images and containers which were marked as owned by them, or to which they had been granted access by the owner or admin?

Yes. We are adding authentication to the docker daemon, so it will know who dwalsh is, it will also no which groups I am in. And which groups of users are allowed to "manage" which groups of images. Also what "privileged" access does dwalsh have.

If Alice (the ubiquitous Alice) pulled image A and later Bob pulled image A or some image which is based on A, what would happen when either Alice or Bob attempt to docker rmi A?

If Bob is allowed to rmi A he would be allowed to destroy it.

[shaded-enmity]

The last question is actually rather tricky, what if Alice first pulled image A as private, then Bob tries to pull the same image A - the scenario that Bob doesn't have the right to dominate Alice's images, but he still has sufficient privileges to pull image A. Since the images are immutable I guess that we only actually care about the "delete" operation, which might be implemented through simple ref-counting?