Docker
Talyan, 2021-06-18 19:12:28

How to properly set permissions for a Docker container?

Guys, girls, hello.
Please tell me what is my mistake in this case.

I'm running a Docker container with a local folder forwarded to it

docker run -d --rm --name devilbox-php-fpm-5-3 -p 9000:9000  -v /var/www/site.ru/www:/var/www/default/htdocs devilbox/php-fpm-5.3

and in Apache, at the same time, in the vhosts of one site, I specified sethandler for .php files, so that Apache would process them through the container through port 9000.
And everything worked great for me! Almost everything...

When accessing some .php files, I get a 500 error, while in the logs of the Docker container I see that php-fpm in the container complains about "Permission denied" for the requested file.

The files in the folder on the host machine have permissions
-rwxr-x-r-x www-data:www-data index.php
And php-fpm in the container runs as www-data.

But if you do something like chmod 777 index.php, then everything works.
Also, if you go to the container console and try to change the file in the mounted directory with files, then they change on the host machine as well. That is, with write access, everything is ok.

This is where I got confused:

What permissions should be set for the files, or vice versa, how do I start the container so that php-fpm in the container has access to these files?

I have such a mess in my head:
- host machine (root) has access to read/execute the file
- host machine (www-data) has access to read/execute the file
- container (root) has access to read/execute the file
- container (www-data) does NOT have read/execute access to the file


1 answer(s)
sergey, 2021-06-19
kuzmin @sergueik

Check the id inside and outside: the www-data account needs to match.
On the host, find out:

id -u 
id -g

and you can set
export HOST_USER=$(id -u):$(id -g)
on the container, like this:
RUN addgroup -S $GROUP_NAME \
  && adduser -h /home/$USER_NAME -u $UID -s /bin/sh -D -G $GROUP_NAME $USER_NAME \
  && chown -R $USER_NAME:$GROUP_NAME <list of the directories you need>

USER $USER_NAME
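
The id comparison from the answer above, as an added example that is not part of the original thread: it shows which permission triplet (owner, group or other) applies to a process reading a bind-mounted file, given numeric ids. The function names and the ids 33 and 1000 used with it are constructed for illustration; supplementary groups, ACLs and SELinux/AppArmor are ignored.

```shell
#!/bin/sh
# Added example (not from the thread). A bind mount keeps the host's numeric
# UID/GID. The kernel compares numbers, not names, so "www-data" on both
# sides only matches if the ids are equal.

# perm_class FILE_UID FILE_GID PROC_UID PROC_GID -> owner | group | other
perm_class() {
    if [ "$3" -eq "$1" ]; then echo owner
    elif [ "$4" -eq "$2" ]; then echo group
    else echo other
    fi
}

# can_read OCTAL_MODE FILE_UID FILE_GID PROC_UID PROC_GID -> yes | no
can_read() {
    # uid 0 with CAP_DAC_OVERRIDE (Docker's default for root) skips mode bits
    if [ "$4" -eq 0 ]; then echo yes; return 0; fi
    case $(perm_class "$2" "$3" "$4" "$5") in
        owner) shift_by=6 ;;
        group) shift_by=3 ;;
        *)     shift_by=0 ;;
    esac
    # Leading 0 makes the shell read the mode as octal; bit value 4 is "read"
    if [ $(( (0$1 >> $shift_by) & 4 )) -ne 0 ]; then echo yes; else echo no; fi
}

# check_file PATH PROC_UID PROC_GID: same check against a real host file
# (uses GNU stat). The container-side ids can be read with, for example:
#   docker exec devilbox-php-fpm-5-3 id -u www-data
#   docker exec devilbox-php-fpm-5-3 id -g www-data
check_file() {
    set -- "$1" "$2" "$3" $(stat -c '%a %u %g' "$1")
    echo "$1 mode=$4 owner=$5:$6 class=$(perm_class "$5" "$6" "$2" "$3") read=$(can_read "$4" "$5" "$6" "$2" "$3")"
}
```

If the container user lands in the "other" class, the fix is to align the ids as the answer describes rather than to widen the mode to 777.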
