root
/
buildah
mirror of https://github.com/containers/buildah.git
1
0
Fork 0
Code Issues Actions 3 Packages Projects Releases Wiki Activity
buildah/cmd/buildah
History
Nalin Dahyabhai 9ddac02a51 Fix TOCTOU error when bind and cache mounts use "src" values 
Fix a time-of-check/time-of-use error when mounting type=bind and
type=cache directories that use a "src" flag.  A hostile writer could
use a concurrently-running stage or build to replace that "src" location
between the point when we had resolved possible symbolic links and when
runc/crun/whatever actually went to create the bind mount
(CVE-2024-11218).

Stop ignoring the "src" option for cache mounts when there's no "from"
option.

Signed-off-by: Nalin Dahyabhai <nalin@redhat.com>
 		2025-01-17 11:30:41 -05:00
..
addcopy.go Add support for COPY --exclude and ADD --exclude options 2024-10-16 16:30:16 -04:00
build.go imagebuildah.StageExecutor: clean up volumes/volumeCache 2024-09-12 09:02:22 -04:00
commit.go CI: enable the gofumpt linter 2024-08-15 13:17:44 -04:00
common.go CI: enable the gofumpt linter 2024-08-15 13:17:44 -04:00
common_test.go unit tests: use test-specific policy.json and registries.conf 2024-08-08 15:56:17 -04:00
config.go CI: enable the whitespace linter 2024-08-15 16:09:25 -04:00
containers.go CI: enable the gofumpt linter 2024-08-15 13:17:44 -04:00
containers_test.go Fix stutters 2022-09-19 07:11:44 -04:00
dumpbolt.go CI: enable the gofumpt linter 2024-08-15 13:17:44 -04:00
from.go CI: enable the gofumpt linter 2024-08-15 13:17:44 -04:00
images.go Vendor c/common:9d025e4cb348 2024-09-03 17:47:42 +02:00
images_test.go
info.go linters: unused arguments shouldn't have names 2024-08-07 10:10:35 -04:00
inspect.go Fix stutters 2022-09-19 07:11:44 -04:00
login.go Add support for --compat-auth-file in login/logout 2023-11-16 18:51:11 +01:00
logout.go Add support for --compat-auth-file in login/logout 2023-11-16 18:51:11 +01:00
main.go CI: enable the whitespace linter 2024-08-15 16:09:25 -04:00
manifest.go Make `buildah manifest push --all` true by default 2024-09-25 18:11:14 -05:00
mkcw.go internal/mkcw.Archive(): handle extra image content 2024-01-15 09:51:13 -05:00
mount.go Fix stutters 2022-09-19 07:11:44 -04:00
passwd.go linters: unused arguments shouldn't have names 2024-08-07 10:10:35 -04:00
prune.go Fix buildah prune --help showing the same example twice 2024-05-22 23:49:00 +09:00
pull.go Use retry logic from containers/common 2024-02-28 09:44:33 -05:00
push.go CI: enable the gofumpt linter 2024-08-15 13:17:44 -04:00
rename.go Fix stutters 2022-09-19 07:11:44 -04:00
rm.go CI: enable the gofumpt linter 2024-08-15 13:17:44 -04:00
rmi.go Switch to golang native error wrapping 2022-07-07 11:41:47 +02:00
run.go Fix TOCTOU error when bind and cache mounts use "src" values 2025-01-17 11:30:41 -05:00
source.go linters: unused arguments shouldn't have names 2024-08-07 10:10:35 -04:00
tag.go Fix stutters 2022-09-19 07:11:44 -04:00
umount.go Fix stutters 2022-09-19 07:11:44 -04:00
unshare.go vendor: switch to moby/sys/capability 2024-09-30 13:19:03 -07:00
unshare_unsupported.go *: fix build tags 2024-08-09 17:05:30 -07:00
version.go CI: enable the gofumpt linter 2024-08-15 13:17:44 -04:00