Allow running OpenHands in docker without having to mount docker socket

[pthun]

What problem or use case are you trying to solve?
I apologize if others think this is a non-issue but given mounting the docker socket via -v /var/run/docker.sock:/var/run/docker.sock is essentially equivalent to granting root control of the host (at least as far as I understand), I would love a way to avoid that. If OpenHands runs in a docker container already, why does it need docker-in-docker execution (with the inherent security risk of having access to the socket) rather than just letting the code run locally within the container? AI-generated code should not be able to do much damage in a container as long as it runs as a non-privileged user that may only have access to a limited set of folders and the OpenHands source code in the container is protected? Let me know if I am missing something.

Describe the UX of the solution you'd like
I would like a flag that allows me to run OpenHands with local code execution within the container (rather than docker-in-docker via exposed socket) if it is launched inside a docker image.

Do you have thoughts on the technical implementation?
Not yet.

Describe alternatives you've considered
I am guessing I could run OpenDevin locally on my machine rather than in the docker container? This appears to me more secure since i am not granting any inadvertent root privileges? In that case maybe it would be possible to provide installation instructions other than the docker image method? (note I am newer to some of these security considerations, so apologies if there is a logic flaw here).

Additional context
Again, I apologize if others think mounting the socket is a non-issue but it always makes me uncomfortable for code I don't know well.

[iamEvanYT]

Adding to this, maybe Docker In Docker can be used?
https://hub.docker.com/_/docker

[scosenza]

Related #5284

[jmls]

can someone explain why the docker socket needs to be mounted ?

[iamEvanYT]

can someone explain why the docker socket needs to be mounted ?

@jmls OpenHands uses the docker socket to create new sandbox environments for the agent. For example everytime a new project is created in OpenHands, it creates a container to give the agent a sandbox environment with python, javascript, and other stuff installed to execute code in.

[github-actions]

This issue is stale because it has been open for 30 days with no activity. Remove stale label or comment or this will be closed in 7 days.

[github-actions]

This issue was closed because it has been stalled for over 30 days with no activity.