worker: clarify maxFileSize purpose #288

Merged
merged 1 commit into from
Dec 20, 2016

jzelinskie
Contributor

Fixes #237.

@@ -30,7 +30,9 @@ const (
// Increased each time the engine changes.
Version = 3

// maxFileSize is the maximum size of a single file we should extract.
// maxFileSize enforces a maximum size of a single file within a tarball that
// will be extracted. This protects against against malicious layers that may
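
Review bot: the second line of the new maxFileSize comment reads "against against malicious layers"; drop the repeated word. Because the limit is on "a single file within a tarball", it would also help to say outright that it does not bound the size of the layer being analyzed, so the constant is not mistaken for a cap on layer size.
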
against against

^

@jzelinskie jzelinskie merged commit 9532c03 into quay:master Dec 20, 2016
@jzelinskie jzelinskie deleted the 200mb branch December 20, 2016 00:19
@alekssaul

@jzelinskie : any chance we can make it a variable in config.yaml? I believe at least 2 QE customers are interested in scanning large layers.

@Quentin-M
Contributor

Quentin-M commented Dec 20, 2016

@alekssaul As the comment in the code and as my comment in the initial issue state, this value has nothing to do with the size of the layer Clair can analyze but with the size of the targeted files we extract to parse information from (e.g. /etc/os-release, /var/lib/dpkg, etc). These files today have literally no reason to exceed 200 MiB except as a clear abuse attempt. Clair can analyze layers of any size.
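
The distinction drawn in the comment above, as an added Go example that is not Clair's code or part of this pull request: the size cap is applied only to the files the extractor wants, so a large unwanted file in the layer is skipped without being buffered. `extractWanted`, `buildLayer`, the sample paths and the 1024-byte limit are assumptions made for the illustration.

```go
package main
import (
	"archive/tar"
	"bytes"
	"fmt"
	"io"
	"strings"
)

// extractWanted buffers only entries under a wanted prefix, capping each one.
func extractWanted(r io.Reader, wanted []string, maxFileSize int64) (map[string][]byte, error) {
	out, tr := map[string][]byte{}, tar.NewReader(r)
	for hdr, err := tr.Next(); err != io.EOF; hdr, err = tr.Next() {
		if err != nil {
			return nil, err
		}
		want := false
		for _, p := range wanted {
			want = want || strings.HasPrefix(hdr.Name, p)
		}
		if !want || hdr.Typeflag != tar.TypeReg {
			continue // skipped unread, so its size is irrelevant
		}
		data, err := io.ReadAll(io.LimitReader(tr, maxFileSize+1)) // do not trust hdr.Size
		if err != nil {
			return nil, err
		} else if int64(len(data)) > maxFileSize {
			return nil, fmt.Errorf("%s: larger than the %d-byte per-file limit", hdr.Name, maxFileSize)
		}
		out[hdr.Name] = data
	}
	return out, nil
}

func buildLayer(files map[string]int) []byte { // constructed sample tarball of zero-filled files
	var buf bytes.Buffer
	tw := tar.NewWriter(&buf)
	for name, size := range files {
		tw.WriteHeader(&tar.Header{Name: name, Typeflag: tar.TypeReg, Mode: 0644, Size: int64(size)})
		tw.Write(make([]byte, size))
	}
	tw.Close()
	return buf.Bytes()
}

func main() {
	layer := buildLayer(map[string]int{"etc/os-release": 64, "opt/blob.bin": 4096})
	files, err := extractWanted(bytes.NewReader(layer), []string{"etc/os-release", "var/lib/dpkg/"}, 1024)
	fmt.Println(len(files), err) // 1 <nil>: the 4096-byte unwanted blob is ignored
}
```

Reading through `io.LimitReader` rather than comparing `hdr.Size` means the cap holds even if the header misstates the entry's size.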
