Like the subject says, it would be nice if you could restrict people from mounting anything except from a certain location. I could say that a certain user has access to /data and only that folder can be mounted (assuming the user has local docker rights on a server) everythign else i don’t want can be done with apparmor/selinux/sudo etc afaik.
Or is there already a similar way to restrict what volumes a person can bind towards (on the server, so not another docker volume)
Would give some apps more freedom which i don’t want to give that type of rights.
p.s. i assume something like that could be possible by writing a volume plugin, but thats to for away for my cheesecake head.