libpod: mount safely subpaths

add a function to securely mount a subpath inside a volume.  We cannot
trust that the subpath is safe since it is beneath a volume that could
be controlled by a separate container.  To avoid TOCTOU races between
when we check the subpath and when the OCI runtime mounts it, we open
the subpath, validate it, bind mount to a temporary directory and use
it instead of the original path.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
Giuseppe Scrivano
2023-03-30 21:23:49 +02:00
parent 0858fab601
commit 4d56292e7a
7 changed files with 237 additions and 53 deletions


@ -1035,10 +1035,11 @@ func (c *Container) init(ctx context.Context, retainRetries bool) error {
}
// Generate the OCI newSpec
newSpec, err := c.generateSpec(ctx)
newSpec, cleanupFunc, err := c.generateSpec(ctx)
if err != nil {
return err
}
defer cleanupFunc()
// Make sure the workdir exists while initializing container
if err := c.resolveWorkDir(); err != nil {