I would like to set up Docker so that unprivileged users can only mount paths they have access to and all file IO on the host system would be written as that user.
There’s no setup like that out-of-the-box. (There are some authorization plugins mentioned in the Docker docs, but I’ve never looked at them.) You can’t really safely allow users to use Docker commands on a shared system where you’re not expecting every user to have admin rights.
I put this here under Feature Requests hoping that it would be supported some day in the future.