![]() Currently it is possible to bypass safe path checks by utilising modules that can operate on directories instead of files like assemble. This can be done by putting symlinks into a directory the module is allowed to access. This can be fixed by walking the whole sub tree and checking the paths instead of just checking the path itself. Change-Id: Iaa4efcf0737e47429339e9afd66eecf4e38fd8ea |
||
---|---|---|
.. | ||
common-config | ||
org_project |