e54fcde58a
Currently it is possible to bypass safe path checks by utilising modules that can operate on directories instead of files like assemble. This can be done by putting symlinks into a directory the module is allowed to access. This can be fixed by walking the whole sub tree and checking the paths instead of just checking the path itself. Change-Id: Iaa4efcf0737e47429339e9afd66eecf4e38fd8ea |
||
---|---|---|
.. | ||
files | ||
tasks |