Docker GUI Applications (use of xhost+)

Hello everyone,

So I tend to run dockers with GUI applications (both as root and as a user inside the container itself). Normally before running any script to docker run and then exec into my containers, I always preface it by this command:

xhost +local:root

However, this tends to not be secure. Is there a way I can do this for allowing specifically my containers? Maybe I can specify exactly which containers are allowed to use my host Xserver? Will +local:docker work? Or is that also unsafe?

Thank you for any help (well in advanced)!