As the title says, allowing sudo inside the container would potentially allow users to install additional applications etc..
But, it poses a security risk, if the containers run in root mode, since with mounted drives, you have access to the hosts file system with elevated privileges.
For this, I would suggest and additional parameter/ENV variable to starting the container. If it is set, the start script rewrites the sudoers file to include the current user, but it requires the container to be started as uid 0 (inside the container), which requires a bigger rework of the startup (seeking inspiration in distrobox).
This option should, of course, be optional, especially in hosted/non-local setups.
As the title says, allowing sudo inside the container would potentially allow users to install additional applications etc..
But, it poses a security risk, if the containers run in root mode, since with mounted drives, you have access to the hosts file system with elevated privileges.
For this, I would suggest and additional parameter/ENV variable to starting the container. If it is set, the start script rewrites the sudoers file to include the current user, but it requires the container to be started as uid 0 (inside the container), which requires a bigger rework of the startup (seeking inspiration in distrobox).
This option should, of course, be optional, especially in hosted/non-local setups.