diff options
author | Fabricio Voznika <fvoznika@google.com> | 2018-06-04 18:04:05 -0700 |
---|---|---|
committer | Shentubot <shentubot@google.com> | 2018-06-04 18:04:54 -0700 |
commit | 19a0e83b50fbcfd89927baedbb1f1fd14dc448ca (patch) | |
tree | e1fa28a45888ab2293864ba54b04fc3d80dea54f /pkg/sentry/socket/rpcinet/stack.go | |
parent | 6c585b8eb69362db9af5ed150763096874832b86 (diff) |
Make fsgofer attach more strict
Refuse to mount paths with "." and ".." in the path to prevent
a compromised Sentry to mount "../../secrets". Only allow
Attach to be called once per mount point.
PiperOrigin-RevId: 199225929
Change-Id: I2a3eb7ea0b23f22eb8dde2e383e32563ec003bd5
Diffstat (limited to 'pkg/sentry/socket/rpcinet/stack.go')
0 files changed, 0 insertions, 0 deletions