Validate the bind-propagation option to --mount
Similar to github.com/containers/buildah/pull/5761 but not
security critical as Podman does not have an expectation that
mounts are scoped (the ability to write a --mount option is
already the ability to mount arbitrary content into the container
so sneaking arbitrary options into the mount doesn't have
security implications). Still, bad practice to let users inject
anything into the mount command line so let's not do that.

Signed-off-by: Matt Heon <[email protected]>
mheon committed Oct 4, 2024
1 parent 13b78c9 commit 985b57d
Showing 2 changed files with 10 additions and 0 deletions.
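--- a/pkg/specgenutil/volumes.go
+++ b/pkg/specgenutil/volumes.go
@@ -272,6 +272,12 @@ func parseMountOptions(mountType string, args []string) (*spec.Mount, error) {
 if !hasValue {
 return nil, fmt.Errorf("%v: %w", name, errOptionArg)
 }
+switch value {
+case "shared", "rshared", "private", "rprivate", "slave", "rslave", "unbindable", "runbindable":
+// Do nothing, sane value
+default:
+return nil, fmt.Errorf("invalid value %q", arg)
+}
 mnt.Options = append(mnt.Options, value)
 case "consistency":
 // Often used on MACs and mistakenly on Linux platforms.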
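Review bot: The `default` branch returns `fmt.Errorf("invalid value %q", arg)` without `%w`, unlike the `errOptionArg` return just above it, so callers cannot match the failure with `errors.Is` and the message does not name the accepted modes; whether a suitable sentinel exists in this package is not visible from the hunk. The `// Do nothing, sane value` comment would be more useful if it stated the reason for the allow-list, e.g. `// Allow-list: value is appended verbatim to mnt.Options below, so only known propagation modes pass.` parseMountOptions starts and ends outside the hunk, so it is worth checking that the other cases which append user-supplied text to `mnt.Options` are validated in the same way.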
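--- a/test/e2e/run_volume_test.go
+++ b/test/e2e/run_volume_test.go
@@ -122,6 +122,10 @@ var _ = Describe("Podman run with volumes", func() {
 session.WaitWithDefaultTimeout()
 Expect(session).To(ExitWithError(125, `"notmpcopyup" option not supported for "bind" mount types`))
 
+session = podmanTest.Podman([]string{"run", "--rm", "--mount", "type=bind,src=/tmp,target=/tmp,bind-propagation=fake", ALPINE, "true"})
+session.WaitWithDefaultTimeout()
+Expect(session).To(ExitWithError(125, `invalid value "bind-propagation=fake"`))
+
 session = podmanTest.Podman([]string{"run", "--rm", "--mount", "type=tmpfs,target=/etc/ssl,notmpcopyup", ALPINE, "ls", "/etc/ssl"})
 session.WaitWithDefaultTimeout()
 Expect(session).Should(ExitCleanly())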
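Review bot: Only the rejection path is exercised, with the single value `fake`; nothing here confirms that the eight modes in the new allow-list are still accepted, so a typo in that list would go unnoticed by this test. A short loop over the accepted values asserting a clean exit (for example `bind-propagation=rslave`), plus one case for an empty value (`bind-propagation=`), would pin both sides of the check. The Describe block continues outside the hunk, so such cases may already exist elsewhere in the file.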
