Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

runtimetest: add masked paths validation #82

Merged
merged 1 commit into from
Jun 1, 2016
Merged

runtimetest: add masked paths validation #82

merged 1 commit into from
Jun 1, 2016

Conversation

Mashimiao
Copy link

Signed-off-by: Ma Shimiao mashimiao.fnst@cn.fujitsu.com

wking
wking reviewed May 27, 2016
View reviewed changes
cmd/runtimetest/main.go
return err
}
if fi.Mode()&0444 != 0 {
return fmt.Errorf("%v should be readonly", v)
Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

The error message shouldn't be about “readonly”. And this is probably another place where we want to use “just try it” (in this case, read and write) instead of a mode check.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@wking spec says "mask over the provided paths inside the container so that they cannot be read." it definitely says change paths permission to make them can't be read.
So, I think there is no need to "just try it".

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

On Fri, May 27, 2016 at 12:30:03AM -0700, Ma Shimiao wrote:

spec says "mask over the provided paths inside the container so that
they cannot be read." it definitely says change paths permission to
make them can't be read.

I don't read “mask over” as clearly “change the permission bits”. I
haven't been able to turn up runC's implementation with grep, but
@mrunalp's original runtime-spec PR was clearly recommending
bind-mounts 1.

Copy link
Author

@Mashimiao Mashimiao May 27, 2016
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah, maybe we need "just try it". I get from runc code, it implements maskedpaths as bing mount them to /dev/null
It makes a bit hard to validate.

@Mashimiao Mashimiao force-pushed the runtime-test-maksed-path-validation branch from 25c9c96 to b891e5e Compare May 27, 2016 07:30
@mrunalp
Copy link
Contributor

mrunalp commented May 27, 2016

We can add a test that tries to read from a path and gets a EOF.
Something like this

    f, err := os.Open(maskedPath)
        if err != nil {
        return err
    }
    defer f.Close()
    b := make([]byte, 1)
    _, err = f.Read(b)
    if err == io.EOF {
        fmt.Println("Test succeeded")
    } else {
        fmt.Println("Test failed")
    }

@Mashimiao Mashimiao force-pushed the runtime-test-maksed-path-validation branch from b891e5e to 74a274e Compare May 28, 2016 01:57
@Mashimiao
Copy link
Author

@mrunalp I combined your suggested code with mine. If a maskedPath can not be read, an error "permission denied" will occur, I think that is not what we want.
How do you think about it?

@mrunalp
Copy link
Contributor

mrunalp commented May 31, 2016

@Mashimiao Are you seeing a permission denied with runc? I think it shouldn't return that error in any scenario.

@Mashimiao
Copy link
Author

Mashimiao commented Jun 1, 2016
edited
Loading

@mrunalp It seems I think too much :-). runc should be run by root.
fixed.

runtimetest: add masked paths validation
615585a 
Signed-off-by: Ma Shimiao <mashimiao.fnst@cn.fujitsu.com>
@Mashimiao Mashimiao force-pushed the runtime-test-maksed-path-validation branch from 74a274e to 615585a Compare June 1, 2016 01:47
@mrunalp
Copy link
Contributor

mrunalp commented Jun 1, 2016

LGTM

@mrunalp mrunalp merged commit 17b3b7b into opencontainers:master Jun 1, 2016
@Mashimiao Mashimiao deleted the runtime-test-maksed-path-validation branch November 14, 2016 09:33
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Mashimiao @mrunalp @wking