aboutsummaryrefslogtreecommitdiff
path: root/vendor/github.com/cyphar/filepath-securejoin/vfs.go
diff options
context:
space:
mode:
authorbaude <bbaude@redhat.com>2018-10-24 10:39:12 -0500
committerbaude <bbaude@redhat.com>2018-10-25 06:42:43 -0500
commit6246942d377bd9ed665a4ac448120352454dd83d (patch)
treef99794cbb171220c8ac6ff7c0008381062a6b6df /vendor/github.com/cyphar/filepath-securejoin/vfs.go
parent57f778aed93efc0961b1335bcd07c3c82a11da0a (diff)
downloadpodman-6246942d377bd9ed665a4ac448120352454dd83d.tar.gz
podman-6246942d377bd9ed665a4ac448120352454dd83d.tar.bz2
podman-6246942d377bd9ed665a4ac448120352454dd83d.zip
Increase security and performance when looking up groups
We implement the securejoin method to make sure the paths to /etc/passwd and /etc/group are not symlinks to something naughty or outside the container image. And then instead of actually chrooting, we use the runc functions to get information about a user. The net result is increased security and a a performance gain from 41ms to 100us. Signed-off-by: baude <bbaude@redhat.com>
Diffstat (limited to 'vendor/github.com/cyphar/filepath-securejoin/vfs.go')
-rw-r--r--vendor/github.com/cyphar/filepath-securejoin/vfs.go41
1 files changed, 41 insertions, 0 deletions
diff --git a/vendor/github.com/cyphar/filepath-securejoin/vfs.go b/vendor/github.com/cyphar/filepath-securejoin/vfs.go
new file mode 100644
index 000000000..a82a5eae1
--- /dev/null
+++ b/vendor/github.com/cyphar/filepath-securejoin/vfs.go
@@ -0,0 +1,41 @@
+// Copyright (C) 2017 SUSE LLC. All rights reserved.
+// Use of this source code is governed by a BSD-style
+// license that can be found in the LICENSE file.
+
+package securejoin
+
+import "os"
+
+// In future this should be moved into a separate package, because now there
+// are several projects (umoci and go-mtree) that are using this sort of
+// interface.
+
+// VFS is the minimal interface necessary to use SecureJoinVFS. A nil VFS is
+// equivalent to using the standard os.* family of functions. This is mainly
+// used for the purposes of mock testing, but also can be used to otherwise use
+// SecureJoin with VFS-like system.
+type VFS interface {
+ // Lstat returns a FileInfo describing the named file. If the file is a
+ // symbolic link, the returned FileInfo describes the symbolic link. Lstat
+ // makes no attempt to follow the link. These semantics are identical to
+ // os.Lstat.
+ Lstat(name string) (os.FileInfo, error)
+
+ // Readlink returns the destination of the named symbolic link. These
+ // semantics are identical to os.Readlink.
+ Readlink(name string) (string, error)
+}
+
+// osVFS is the "nil" VFS, in that it just passes everything through to the os
+// module.
+type osVFS struct{}
+
+// Lstat returns a FileInfo describing the named file. If the file is a
+// symbolic link, the returned FileInfo describes the symbolic link. Lstat
+// makes no attempt to follow the link. These semantics are identical to
+// os.Lstat.
+func (o osVFS) Lstat(name string) (os.FileInfo, error) { return os.Lstat(name) }
+
+// Readlink returns the destination of the named symbolic link. These
+// semantics are identical to os.Readlink.
+func (o osVFS) Readlink(name string) (string, error) { return os.Readlink(name) }