The risk is attached to having users in the group, because such users provide an easy path to root with no further access control. There are other such groups on Debian systems, e.g. disks, so installing Docker and having the docker group created doesn’t increase the risk in and of itself. If you don’t add users to such groups, you’re OK, since adding users to a group is a privileged operation anyway (so if an attacker can do that, you’ve lost already).

There is also some amount of risk attached to having a privileged daemon running. There are other solutions you could look into that don’t involve having a privileged Docker daemon running at all; for example Podman, or since you’re looking into this specifically for Python projects, Python virtual environments.

The risk is attached to having users in the group, because such users provide an easy path to root with no further access control. There are other such groups on Debian systems e.g. disks, so installing Docker and having the docker group created doesn’t increase the risk in and of itself. If you don’t add users to such groups, you’re OK, since adding users to a group is a privileged operation anyway (so if an attacker can do that, you’ve lost already).

There is also some amount of risk attached to having a privileged daemon running. There are other solutions you could look into that don’t involve having a privileged Docker daemon running at all; for example Podman, or since you’re looking into this specifically for Python projects, Python virtual environments.

The risk is attached to having users in the group, because such users provide an easy path to root with no further access control. There are other such groups on Debian systems, e.g. disks, so installing Docker and having the docker group created doesn’t increase the risk in and of itself. If you don’t add users to such groups, you’re OK, since adding users to a group is a privileged operation anyway (so if an attacker can do that, you’ve lost already).

There is also some amount of risk attached to having a privileged daemon running. There are other solutions you could look into that don’t involve having a privileged Docker daemon running at all; for example Podman, or since you’re looking into this specifically for Python projects, Python virtual environments.

The risk is attached to having users in the group, because such users provide an easy path to root with no further access control. There are other such groups on Debian systems, e.g. disks, so installing Docker and having the docker group created doesn’t increase the risk in and of itself. If you don’t add users to such groups, you’re OK, since adding users to a group is a privileged operation anyway (so if an attacker can do that, you’ve lost already).

There is also some amount of risk attached to having a privileged daemon running. There are other solutions you could look into that don’t involve having a privileged Docker daemon running at all; for example Podman, or since you’re looking into this specifically for Python projects, Python virtual environments.