baude 6246942d37 Increase security and performance when looking up groups ...

We implement the securejoin method to make sure the paths to /etc/passwd and
/etc/group are not symlinks to something naughty or outside the container
image. And then instead of actually chrooting, we use the runc functions to
get information about a user.  The net result is increased security and
a a performance gain from 41ms to 100us.

Signed-off-by: baude <bbaude@redhat.com>

2018-10-25 06:42:43 -05:00

1.7 KiB

Raw Blame History

View Raw