Trouble with volume permissions

When using bind-mounts, you need to align the owner uid:gid of the host folder with the uid:gid of the process inside the container. When a host path is mounted into a container path, a bind-mount is used. Another indicator that binds are used is that they are not listed by the command docker volume ls.

As the permission question usually only makes sense for bind-mount “volumes” (which in reality are not volumes), the response will focus on bind-mounts:

The image description should indicate which uid:gid is used to start the main process of the container.

Some images are designed so that the entrypoint of the container is started as root, which starts the main process as a specific uid:gid. Some of those images provide environment variables to override the uid and gid.

Other images are designed to start the entrypoint script with an unprivileged user and run the main process with it. Those images have one or more USER instructions in the Dockerfile. For those types of images, the uid:gid for the first declared USER instruction can be overridden using the --user ${uid}:${gid} argument.

And then there are images that start the entrypoint script with root privileges and run the main process with root privileges.
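
A preflight check for the uid:gid alignment described above, as an added example that is not part of the original post: it reports which permission class of the host folder would let a given container uid:gid create files there. The function name bind_mount_access is hypothetical, and the script assumes GNU stat on a Linux host.

```shell
#!/bin/sh
# Added example: check a bind-mount source directory against the uid:gid
# the container process will run as. Assumes GNU stat (Linux host).
# Not considered: supplementary groups, ACLs, user-namespace remapping,
# SELinux/AppArmor labels.

# bind_mount_access DIR UID GID
# Prints root, owner, group, other or none: the permission class that
# allows UID:GID to create files in DIR. Returns 0 if writable, 1 if not,
# 2 if DIR is not a directory.
bind_mount_access() {
    dir=$1 uid=$2 gid=$3
    [ -d "$dir" ] || { echo "missing"; return 2; }

    # Numeric owner, group and octal mode of the host folder.
    set -- $(stat -c '%u %g %a' "$dir")
    o_uid=$1 o_gid=$2 perm=$((0$3))   # leading 0 makes the mode octal

    # A root process bypasses the mode bits, so alignment is not needed
    # (and the container writes root-owned files into the host folder).
    if [ "$uid" -eq 0 ]; then echo "root"; return 0; fi

    # The kernel checks exactly one class: owner, else group, else other.
    if [ "$uid" -eq "$o_uid" ]; then
        class=owner bits=$(( (perm >> 6) & 3 ))
    elif [ "$gid" -eq "$o_gid" ]; then
        class=group bits=$(( (perm >> 3) & 3 ))
    else
        class=other bits=$(( perm & 3 ))
    fi

    # Creating files in a directory needs both write and execute (w+x = 3).
    if [ "$bits" -eq 3 ]; then echo "$class"; return 0; fi
    echo "none"; return 1
}

# Command-line use: sh check.sh /srv/data 1000 1000
if [ $# -eq 3 ]; then bind_mount_access "$@"; fi
```

A result of none means the host folder needs a chown/chmod, or the container needs a different uid:gid (via --user or the image's environment variables); a result of other means the folder is writable by every account on the host.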