[GH-ISSUE #8137] [privacy/security enhancement]: Maximum isolated cli for Docker #15016

New Issue

Closed

opened 2026-04-19 21:18:24 -05:00 by GiteaMirror · 1 comment

GiteaMirror commented 2026-04-19 21:18:24 -05:00

Owner

Copy Link

Originally created by @gwpl on GitHub (Dec 27, 2024).
Original GitHub issue: https://github.com/open-webui/open-webui/issues/8137

As community had discussion with statements like: "This is fairly concerning. This project has the potential to allow people to actually have privacy while using AI but some of the design choices do not seem to focus on privacy."
or "Don't trust our word for it; We encourage you to examine/audit our code",
considering that auditing whole codebase it not economically feasible for most users,
here https://github.com/open-webui/open-webui/discussions/1966#discussioncomment-11676778
I linked to this proposal:

Could you provide commandline (in some e.g. bash script file or some README), that runs things in docker with maxium isolation! What does it mean?

Topic of isolating programs running in Docker for security purposes, is explored here:

• https://github.com/jessfraz/dotfiles/blob/master/.dockerfunc - bash functions wrapping calls
• https://github.com/jessfraz/dockerfiles - docker files for above file
• https://youtu.be/cYsVvV1aVss - lecture by Jess Fraz about using "Docker as a Desktop" to run everything in Dockers with increased isolation.

It basically means to set all isolation parameters as strict as possible, and allow only the most necessary minium.

Additionally one could consider additional even more enhanced setup where all traffic goes through firewall/gateway running in another docker container (e.g. both can be in same docker network and docker-compose?), so all external connections to whatever destinations would have to go thought approved whitelist and be audited/logged (?).

Originally created by @gwpl on GitHub (Dec 27, 2024). Original GitHub issue: https://github.com/open-webui/open-webui/issues/8137 As community had discussion with statements like: "This is fairly concerning. This project has the potential to allow people to actually have privacy while using AI but some of the design choices do not seem to focus on privacy." or "Don't trust our word for it; We encourage you to examine/audit our code", considering that auditing whole codebase it not economically feasible for most users, here https://github.com/open-webui/open-webui/discussions/1966#discussioncomment-11676778 I linked to this proposal: Could you provide commandline (in some e.g. bash script file or some README), that runs things in docker with maxium isolation! What does it mean? Topic of isolating programs running in Docker for security purposes, is explored here: * https://github.com/jessfraz/dotfiles/blob/master/.dockerfunc - bash functions wrapping calls * https://github.com/jessfraz/dockerfiles - docker files for above file * https://youtu.be/cYsVvV1aVss - lecture by Jess Fraz about using "Docker as a Desktop" to run everything in Dockers with increased isolation. It basically means to set all isolation parameters as strict as possible, and allow only the most necessary minium. Additionally one could consider additional even more enhanced setup where all traffic goes through firewall/gateway running in another docker container (e.g. both can be in same docker network and docker-compose?), so all external connections to whatever destinations would have to go thought approved whitelist and be audited/logged (?).

GiteaMirror closed this issue 2026-04-19 21:18:24 -05:00

GiteaMirror commented 2026-04-19 21:18:26 -05:00

Author

Owner

Copy Link

@gaby commented on GitHub (Dec 27, 2024):

I don't think this is Open-WebUI job to implement. They are already limited given a lot of these tools require root to access the GPU's and resources.

The Docker image allows overriding the UID/GID but it's not tested.

See here: https://github.com/open-webui/open-webui/blob/main/Dockerfile#L19

Regarding firewall, that's the job of the dev/team using Open-WebUI to control access to their instance.

<!-- gh-comment-id:2563700408 --> @gaby commented on GitHub (Dec 27, 2024): I don't think this is Open-WebUI job to implement. They are already limited given a lot of these tools require root to access the GPU's and resources. The Docker image allows overriding the UID/GID but it's not tested. See here: https://github.com/open-webui/open-webui/blob/main/Dockerfile#L19 Regarding firewall, that's the job of the dev/team using Open-WebUI to control access to their instance.

GiteaMirror referenced this issue 2026-04-20 04:57:25 -05:00

[PR #15016] [CLOSED] i18n: Add Uzbek (Cyrillic and Latin) translation support #23681

GiteaMirror referenced this issue 2026-04-25 11:57:22 -05:00

[PR #15016] [CLOSED] i18n: Add Uzbek (Cyrillic and Latin) translation support #39311

GiteaMirror referenced this issue 2026-04-29 21:37:48 -05:00

[PR #15016] [CLOSED] i18n: Add Uzbek (Cyrillic and Latin) translation support #46729

GiteaMirror referenced this issue 2026-05-06 06:43:46 -05:00

[PR #15016] [CLOSED] i18n: Add Uzbek (Cyrillic and Latin) translation support #62537

Sign in to join this conversation.

No Branch/Tag Specified

Branches Tags

main

dev

v0.9.2

v0.9.1

v0.9.0

v0.8.12

v0.8.11

v0.8.10

v0.8.9

v0.8.8

v0.8.7

v0.8.6

v0.8.5

v0.8.4

v0.8.3

v0.8.2

v0.8.1

v0.8.0

v0.7.2

v0.7.1

v0.7.0

v0.6.43

v0.6.42

v0.6.41

v0.6.40

v0.6.39

v0.6.38

v0.6.37

v0.6.36

v0.6.35

v0.6.34

v0.6.33

v0.6.32

v0.6.31

v0.6.30

v0.6.29

v0.6.28

v0.6.27

v0.6.26

v0.6.25

v0.6.24

v0.6.23

v0.6.22

v0.6.21

v0.6.20

v0.6.19

v0.6.18

v0.6.17

v0.6.16

v0.6.15

v0.6.14

v0.6.13

v0.6.12

v0.6.11

v0.6.10

v0.6.9

v0.6.8

v0.6.7

v0.6.6

v0.6.5

v0.6.4

v0.6.3

v0.6.2

v0.6.1

v0.6.0

v0.5.20

v0.5.19

v0.5.18

v0.5.17

v0.5.16

v0.5.15

v0.5.14

v0.5.13

v0.5.12

v0.5.11

v0.5.10

v0.5.9

v0.5.8

v0.5.7

v0.5.6

v0.5.5

v0.5.4

v0.5.3

v0.5.2

v0.5.1

v0.5.0

v0.4.8

v0.4.7

v0.4.6

v0.4.5

v0.4.4

v0.4.3

v0.4.2

v0.4.1

v0.4.0

v0.3.35

v0.3.34

v0.3.33

v0.3.32

v0.3.31

v0.3.30

v0.3.29

v0.3.28

v0.3.27

v0.3.26

v0.3.25

v0.3.24

v0.3.23

v0.3.22

v0.3.21

v0.3.20

v0.3.19

v0.3.18

v0.3.17

v0.3.16

v0.3.15

v0.3.14

v0.3.13

v0.3.12

v0.3.11

v0.3.10

v0.3.9

v0.3.8

v0.3.7

v0.3.6

v0.3.5

v0.3.4

v0.3.3

v0.3.2

v0.3.1

v0.3.0

v0.2.5

v0.2.4

v0.2.3

v0.2.2

v0.2.1

v0.2.0

v0.1.125

v0.1.124

v0.1.123

v0.1.122

v0.1.121

v0.1.120

v0.1.119

v0.1.118

v0.1.117

v0.1.116

v0.1.115

v0.1.114

v0.1.113

v0.1.112

v0.1.111

v0.1.110

v0.1.109

v0.1.108

v0.1.107

v0.1.106

v0.1.105

v0.1.104

v0.1.103

v0.1.102

Labels

Clear labels

bug

confirmed

confirmed issue

core

documentation

enhancement

good first issue

help wanted

non-core

pull-request

Mirrored from GitHub Pull Request

python

question

testing wanted

No Label

Milestone

No items

No Milestone

Projects

Clear projects

No project

Assignees

Clear assignees

GiteaMirror ninjasurge

No Assignees

1 Participants

Notifications

Subscribe

Due Date

No due date set.

Dependencies

No dependencies set.

Reference: github-starred/open-webui#15016