Prohibit bind mounts into /

Signed-off-by: Michael Crosby <crosbymichael@gmail.com>
2015-04-30 10:23:42 -07:00 · 2015-04-30 10:23:42 -07:00 · e3e7c47123
parent 3c25c9b9cf
commit e3e7c47123
2 changed files with 14 additions and 0 deletions
--- a/rootfs_linux.go
+++ b/rootfs_linux.go
@ -212,6 +212,9 @@ func mountToRootfs(m *configs.Mount, rootfs, mountLabel string) error {
 // top of /proc or /sys.
 // dest is required to be an abs path and have any symlinks resolved before calling this function.
 func checkMountDestination(rootfs, dest string) error {
+	if filepath.Clean(rootfs) == filepath.Clean(dest) {
+		return fmt.Errorf("mounting into / is prohibited")
+	}
 	invalidDestinations := []string{
 		"/proc",
 		"/sys",
@ -232,6 +235,9 @@ func dirIsChild(root, dir string) bool {
 		rootParts = strings.Split(filepath.Clean(root), string(filepath.Separator))
 		dirParts  = strings.Split(filepath.Clean(dir), string(filepath.Separator))
 	)
+	if len(dirParts) < len(rootParts) {
+		return false
+	}
 	for i, p := range rootParts {
 		if p != dirParts[i] {
 			return false
--- a/rootfs_linux_test.go
+++ b/rootfs_linux_test.go
@ -27,3 +27,11 @@ func TestCheckMountDestFalsePositive(t *testing.T) {
 		t.Fatal(err)
 	}
 }
+
+func TestCheckMountRoot(t *testing.T) {
+	dest := "/rootfs"
+	err := checkMountDestination("/rootfs", dest)
+	if err == nil {
+		t.Fatal(err)
+	}
+}