**In a post-Heartbleed world, even if you trust a company to do all security processes correctly, that might not be good enough.

Security has become the responsibility of the user, not just the providers. Luckily, Docker gives us an easy way to encapsulate and reduce the attack footprint for many of the tools we use everyday. If you are using Windows, you might look into Bromium for a solution similar to Linux Containers for Windows.

Today, I will show you how to encapsulate and isolate Dropbox on Mac OS X into a Docker container. Why? Because do you really know everything dropboxd does**

Setup Docker

First, let's install Docker and SSHFS with Fuse on OS X:

$ brew install boot2docker sshfs
$ boot2docker init
$ boot2docker up
$ boot2docker ssh # password: tcuser

The next steps you need to run within the boot2docker virtual machine to setup your shared disk. By default, boot2docker does not share a filesystem with your native OS X, but it may in the future which will make this step unnecessary.

docker@boot2docker:~$ sudo mkdir /mnt/sda1/share
docker@boot2docker:~$ sudo chown -R docker:docker /mnt/sda1/share
docker@boot2docker:~$ exit

Setup SSHFS Shared Filesystem

Now, back on your Mac, you setup a local mountpoint for your SSHFS filesystem mount.

$ mkdir ~/SafeDropbox
$ echo tcuser | sshfs docker@localhost:/mnt/sda1/share ~/SafeDropbox -
oping_diskarb,volname=SafeDropbox -p 2022 -o reconnect -o
StrictHostKeyChecking=no -o UserKnownHostsFile=/dev/null -o password_stdin

Link Your Docker Container to Dropbox

Now that you can access the shared filesystem, you need to link your new container to Dropbox.

$ docker run -i -t -v /mnt/sda1/share:/Dropbox ctlc/dropbox /.dropbox-dist/dropboxd
This computer isn't linked to any Dropbox account... Please visit to link this device.

Copy the link into your browser and authenticate your new Docker container to use Dropbox. Once you are authenticated, wait 2 minutes while the Dropbox start syncing. Then commit your local changes so that the container remembers that you logged in.

NOTE: Execute the following commands in a NEW terminal window, do not exit or close the old window until after you run these commands.

$ docker commit `docker ps -l -q` my-dropbox $ docker kill `docker ps -l -q`

Link Your Docker Container to Dropbox

Finally, you can run this command and keep it running to have Dropbox in Docker.

$ docker run -d -v /mnt/sda1/share:/Dropbox my-dropbox /.dropbox-dist/dropboxd


Docker is not limited to running web apps: you can do so much more with it. This post was inspired by a BitTorrent Sync in Docker post. If you have any fun ideas of things to put in Docker containers, let us know in the comments.