Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Validate the bind-propagation option to
--mount
Similar to github.com/containers/buildah/pull/5761 but not security critical as Podman does not have an expectation that mounts are scoped (the ability to write a --mount option is already the ability to mount arbitrary content into the container so sneaking arbitrary options into the mount doesn't have security implications). Still, bad practice to let users inject anything into the mount command line so let's not do that. Signed-off-by: Matt Heon <[email protected]>
- Loading branch information