Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

oci: tar extract: remove non-dir targets on unpack #223

Merged
merged 2 commits into from
Jan 9, 2018
Merged

oci: tar extract: remove non-dir targets on unpack #223

merged 2 commits into from
Jan 9, 2018

Conversation

cyphar
Copy link
Member

@cyphar cyphar commented Jan 8, 2018
edited
Loading

In order to work around cases where we are replacing a file we don't
have write access to in unprivileged mode (as well as to clarify the
hardlink semantics of unpacking), always remove the target path (unless
it's a directory) before unpacking over it. As we always re-apply
metadata this should not cause any issues.

Fixes #222
Signed-off-by: Aleksa Sarai asarai@suse.de

@cyphar cyphar mentioned this pull request Jan 8, 2018
Closed
@cyphar cyphar added this to the 0.4.0 milestone Jan 8, 2018
@lukasheinrich
Copy link

Hi -- I tested this on a fedora box and it fixes the issue. LGTM.

@cyphar
oci: tar extract: remove non-dir targets on unpack
18e2f1b 
In order to work around cases where we are replacing a file we don't
have write access to in unprivileged mode (as well as to clarify the
hardlink semantics of unpacking), always remove the target path (unless
it's a directory) before unpacking over it. As we always re-apply
metadata this should not cause any issues.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
@cyphar
test: add a NOWRITE test for file clobbering
ff14ef1 
This is to ensure we don't regress on file clobbering when we don't have
write access to the target file.

Signed-off-by: Aleksa Sarai <asarai@suse.de>
@cyphar
Copy link
Member Author

cyphar commented Jan 9, 2018

LGTM. I will do a 0.4.0 release in a few days with this and other fixes applied.

@cyphar cyphar merged commit ff14ef1 into opencontainers:master Jan 9, 2018
cyphar added a commit that referenced this pull request Jan 9, 2018
@cyphar
merge branch 'pr-223'
64703df 
  test: add a NOWRITE test for file clobbering
  oci: tar extract: remove non-dir targets on unpack

LGTMs: @cyphar
Closes #223
@cyphar cyphar deleted the tar-extract-create-eperm branch January 9, 2018 14:25
@lukasheinrich lukasheinrich mentioned this pull request Jan 18, 2018
Open
@cyphar
Copy link
Member Author

cyphar commented Mar 10, 2018

@lukasheinrich I have cut a 0.4.0 release. Sorry for the delay!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
No reviews
Assignees
No one assigned
Labels
oci/layer
Projects
None yet
Milestone
0.4.0
Development

Successfully merging this pull request may close these issues.
2 participants
@cyphar @lukasheinrich