Ensure docker cp cannot traverse outside container rootfs #5720
Although, there should be a single container method that will get the full path of a resource in the container's rootfs. And everything that creates their own path from a resource should use that method instead... EDIT: Added.
I see that you're pretty familiar with
The
integration is deprecated :) Can you please move your tests to integration-cli?
Rebased after moving the tests, and adding myself to /ping @shykes @creack @vieux @crosbymichael
LGTM
ping @unclejack
@cyphar this needs rebased. I moved the symlink func to a separate pkg in
This patch fixes the bug that allowed cp to copy files outside of the container's rootfs, by passing a relative path (such as ../../../../../../../../etc/shadow). This is fixed by first converting the path to an absolute path (relative to /) and then appending it to the container's rootfs before continuing. Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
This patch adds integration tests for the copying of resources from a container, to ensure that regressions in the security of resource copying can be easily discovered. Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
This patch is a preventative patch, it fixes possible future vulnerabilities regarding unsanitised paths. Due to several recent vulnerabilities, wherein the docker daemon could be fooled into accessing data from the host (rather than a container), this patch was created to try and mitigate future possible vulnerabilities in the same vein. Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
@crosbymichael rebase'd. Bumping, since this vulnerability is very serious.
@cyphar Just to make it clear, it's a bug, not a vulnerability per se. If you can run a privileged container, you've got root on the host and that lets you do this and far more.
LGTM
LGTM
Ensure `docker cp` cannot traverse outside container rootfs
This patch fixes the bug (#5656) that allowed cp to copy files outside of the container's rootfs, by passing a relative path (such as `../../../../../../../../etc/shadow`). This is fixed by first converting the path to an absolute path (relative to /) and then appending it to the container's rootfs before continuing.
Docker-DCO-1.1-Signed-off-by: Aleksa Sarai <cyphar@cyphar.com> (github: cyphar)
EDIT: I want to point out that while the issue (#5656) is closed, the vulnerability still works. The problem is that the docker socket can, even when running in multi-tenant situations, be used to read files as root since paths aren't sanitised properly. This problem has yet to be fixed.
EDIT 2: This patch also now includes fixes to general path generation in the `daemon` subsystem, in order to try and prevent future exploits in the same vein as this one.
Fixes #5656
/cc @shykes @creack @vieux @crosbymichael
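The fix described in the pull request (make the path absolute relative to `/`, then append it to the container's rootfs), sketched in Go as an added example next to the unscoped join it replaces. This is not the code from the patch; the function names and the rootfs location are hypothetical.

```go
package main

import (
	"fmt"
	"path/filepath"
	"strings"
)

// naiveResourcePath joins the caller-supplied path directly onto the rootfs.
// filepath.Join cleans the result lexically, so ".." components in resource
// can climb above rootfs.
func naiveResourcePath(rootfs, resource string) string {
	return filepath.Join(rootfs, resource)
}

// scopedResourcePath first makes resource absolute relative to "/" (Clean
// drops any ".." that would climb above the root), then appends it to rootfs.
// This is lexical only: symlinks inside the rootfs need separate resolution.
func scopedResourcePath(rootfs, resource string) string {
	abs := filepath.Clean(string(filepath.Separator) + resource)
	return filepath.Join(rootfs, abs)
}

// insideRootfs reports whether p is rootfs itself or a path below it.
func insideRootfs(rootfs, p string) bool {
	rel, err := filepath.Rel(rootfs, p)
	if err != nil {
		return false
	}
	return rel != ".." && !strings.HasPrefix(rel, ".."+string(filepath.Separator))
}

func main() {
	// Constructed sample values; the rootfs location is hypothetical.
	rootfs := "/var/lib/docker/containers/abc123/rootfs"
	resources := []string{
		"etc/hostname",
		"/etc/hostname",
		"../../../../../../../../etc/shadow", // path quoted in the pull request
		"a/../../b",
	}
	for _, r := range resources {
		n, s := naiveResourcePath(rootfs, r), scopedResourcePath(rootfs, r)
		fmt.Printf("%-40q naive inside=%-5v scoped inside=%-5v -> %s\n",
			r, insideRootfs(rootfs, n), insideRootfs(rootfs, s), s)
	}
}
```

The `insideRootfs` check is also usable as a regression assertion in tests for any code that builds host paths from container-relative input.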