Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Mounting subdirectories in unallowed paths #260

Open
pierlauro opened this issue Aug 5, 2019 · 0 comments
Open

Mounting subdirectories in unallowed paths #260

pierlauro opened this issue Aug 5, 2019 · 0 comments

Comments

@pierlauro
Copy link

pierlauro commented Aug 5, 2019

Since - I guess for security reasons - it is forbidden to bind volumes in some "sensible" directories (specified in VolumeMap.c), when developing my own applications I can just avoid using such paths and everything works fine.

When trying to run third part containers with Shifter - nevertheless - it is very likely for some applications to rely on files placed in forbidden paths (e.g. configuration files in /etc).

Would there be a way to allow mounting non-existing directories in forbidden paths?

For example, let's assume the host system has no folder named /etc/nameofapp while it is present in the container's squashfs image: since mounting it would not override system-side configurations, would it be that risky to allow the binding?

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

1 participant