For my part what I care most about with Docker is not the ability to run something I don't "trust". That is, I would not trust or expect it to be safe enough to run code I expect to be malicious.
For me it's about creating a setup that is far more easy to reproduce in the face of e.g. system upgrades, setting up a new machine, as well as protection against stupid mistakes, and about containing state.
For me it's about creating a setup that is far more easy to reproduce in the face of e.g. system upgrades, setting up a new machine, as well as protection against stupid mistakes, and about containing state.