zuul/double-symlink-sidekick at 7510cf29732122d2a5a3fc77b3299f35bac63fdc - zuul

History

Tobias Henkel e54fcde58a Fix safe path check for directories containing symlinks Currently it is possible to bypass safe path checks by utilising modules that can operate on directories instead of files like assemble. This can be done by putting symlinks into a directory the module is allowed to access. This can be fixed by walking the whole sub tree and checking the paths instead of just checking the path itself. Change-Id: Iaa4efcf0737e47429339e9afd66eecf4e38fd8ea	2018-03-14 20:55:43 +01:00
..
vars.yaml	Fix safe path check for directories containing symlinks	2018-03-14 20:55:43 +01:00

Fix safe path check for directories containing symlinks

Currently it is possible to bypass safe path checks by utilising
modules that can operate on directories instead of files like
assemble. This can be done by putting symlinks into a directory the
module is allowed to access.

This can be fixed by walking the whole sub tree and checking the paths
instead of just checking the path itself.

Change-Id: Iaa4efcf0737e47429339e9afd66eecf4e38fd8ea

2018-03-14 20:55:43 +01:00

vars.yaml

Fix safe path check for directories containing symlinks

2018-03-14 20:55:43 +01:00