diff options
| author | baude <bbaude@redhat.com> | 2018-10-24 10:39:12 -0500 |
|---|---|---|
| committer | baude <bbaude@redhat.com> | 2018-10-25 06:42:43 -0500 |
| commit | 6246942d377bd9ed665a4ac448120352454dd83d (patch) | |
| tree | f99794cbb171220c8ac6ff7c0008381062a6b6df /vendor/github.com/cyphar/filepath-securejoin/vfs.go | |
| parent | 57f778aed93efc0961b1335bcd07c3c82a11da0a (diff) | |
| download | podman-6246942d377bd9ed665a4ac448120352454dd83d.tar.gz podman-6246942d377bd9ed665a4ac448120352454dd83d.tar.bz2 podman-6246942d377bd9ed665a4ac448120352454dd83d.zip | |
Increase security and performance when looking up groups
We implement the securejoin method to make sure the paths to /etc/passwd and
/etc/group are not symlinks to something naughty or outside the container
image. And then instead of actually chrooting, we use the runc functions to
get information about a user. The net result is increased security and
a a performance gain from 41ms to 100us.
Signed-off-by: baude <bbaude@redhat.com>
Diffstat (limited to 'vendor/github.com/cyphar/filepath-securejoin/vfs.go')
| -rw-r--r-- | vendor/github.com/cyphar/filepath-securejoin/vfs.go | 41 |
1 files changed, 41 insertions, 0 deletions
diff --git a/vendor/github.com/cyphar/filepath-securejoin/vfs.go b/vendor/github.com/cyphar/filepath-securejoin/vfs.go new file mode 100644 index 000000000..a82a5eae1 --- /dev/null +++ b/vendor/github.com/cyphar/filepath-securejoin/vfs.go @@ -0,0 +1,41 @@ +// Copyright (C) 2017 SUSE LLC. All rights reserved. +// Use of this source code is governed by a BSD-style +// license that can be found in the LICENSE file. + +package securejoin + +import "os" + +// In future this should be moved into a separate package, because now there +// are several projects (umoci and go-mtree) that are using this sort of +// interface. + +// VFS is the minimal interface necessary to use SecureJoinVFS. A nil VFS is +// equivalent to using the standard os.* family of functions. This is mainly +// used for the purposes of mock testing, but also can be used to otherwise use +// SecureJoin with VFS-like system. +type VFS interface { + // Lstat returns a FileInfo describing the named file. If the file is a + // symbolic link, the returned FileInfo describes the symbolic link. Lstat + // makes no attempt to follow the link. These semantics are identical to + // os.Lstat. + Lstat(name string) (os.FileInfo, error) + + // Readlink returns the destination of the named symbolic link. These + // semantics are identical to os.Readlink. + Readlink(name string) (string, error) +} + +// osVFS is the "nil" VFS, in that it just passes everything through to the os +// module. +type osVFS struct{} + +// Lstat returns a FileInfo describing the named file. If the file is a +// symbolic link, the returned FileInfo describes the symbolic link. Lstat +// makes no attempt to follow the link. These semantics are identical to +// os.Lstat. +func (o osVFS) Lstat(name string) (os.FileInfo, error) { return os.Lstat(name) } + +// Readlink returns the destination of the named symbolic link. These +// semantics are identical to os.Readlink. +func (o osVFS) Readlink(name string) (string, error) { return os.Readlink(name) } |