Is this more secure than direct install?

[simonfrey]

This setup works like a charm for me. Thanks for you work! Is this actually more secure than running zoom locally? I like that if I kill the docker container I know that zoom is really not running anymore, but apart from that has it any security benefits?

[mdouchement]

You can restrict host file system access by specifying export ZOOM_HOME=${HOME}/zoomus on your host environment (Zoom may be too curious).

The main reason I've made this project was because 4 years ago, installing a video conferencing tool was a big mess and broke several times my OS. With Docker I was able to isolate dependencies and let my OS stable.

[ksobrenat32]

I have a noob question, where should I add export ZOOM_HOME=${HOME}/zoomus??

[mdouchement]

It depends on your configuration but generally in one of these files: ~/.bashrc, ~/.zshrc or ~/.profile. You can also put the environment variable before the zoom command: ZOOM_HOME=${HOME}/zoomus zoom

[peaceful-james]

@mdouchement Thanks so much for creating this image! I was having a bad time trying to run Zoom on Trisquel OS without reducing/removing various security setting. I could run it in Firefox browser but video and audio was laggy and choppy to the point of being unusable. Running in the container, the UI is slightly laggy but that's just X11 being X11. Video and audio and clear and I'm very happy.

I'm pretty sure this dockerized approach is more secure than running Zoom as an app on the host or in the browser on the host. Anyway, it's almost definitely not less secure.

[CholoTook]

I agree, it gives zoom less power to potentially abuse on your system, and allows to keep the 'base install' less bloated (and therefore more secure).

Really appreciate the script to get X11 working properly too. There are many ugly hacks out there, your script is really nice.

Having said all that, I think you can close this issue.

Create a FAQ if this question comes up again.

Cheers,