NERSC / shifter

Shifter - Linux Containers for HPC

Mounting subdirectories in unallowed paths #260

Open pierlauro opened 5 years ago

pierlauro commented 5 years ago

Since - I guess for security reasons - it is forbidden to bind volumes in some "sensible" directories (specified in VolumeMap.c), when developing my own applications I can just avoid using such paths and everything works fine.

When trying to run third-party containers with Shifter - nevertheless - it is very likely for some applications to rely on files placed in forbidden paths (e.g. configuration files in /etc).

Would there be a way to allow mounting non-existing directories in forbidden paths?

For example, let's assume the host system has no folder named /etc/nameofapp while it is present in the container's squashfs image: since mounting it would not override system-side configurations, would it be that risky to allow the binding?