Disallow `dotnet restore` at OS root

[richlander]

I have seen this issue multiple times.

https://github.com/dotnet/dotnet-docker/issues/5085

[ghost]

@richlander Issue is missing Type label, remember to add a Type label

[baronfel]

@rainersigwald The linked issue had the user stalling out during (I think) evaluation when a glob would have included system root - didn't we do something recently in MSBuild around detecting/logging/warning when an item glob including the root is expanded?

[rainersigwald]

https://github.com/dotnet/msbuild/pull/7029 added warnings like

 warning MSB5029: The value "**/*.*proj" of the "Exclude" attribute in element <ItemGroup> in file "C:\Program Files\dotnet\sdk\8.0.200-preview.23624.5\Sdks\Microsoft.NET.Sdk\targets\Microsoft.NET.Sdk.DefaultItems.props (30,62)" is a wildcard that results in enumerating all files on the drive, which was likely not intended. Check that referenced properties are always defined.

But even groveling a whole container filesystem shouldn't hang indefinitely. Maybe something is getting caught in a symlink loop?

[richlander]

Perhaps the CLI should provide this error/warning. I'd like to this as an error and require some --force style option to override it. This behavior isn't useful.

[jeffkl]

Should we move this issue then?

[baronfel]

@jeffkl seems reasonable to me, yeah.

[richlander]

Does the CLI have appropriate context on the context of the build/restore?

[baronfel]

It already knows the working directory that it's invoked from, and the project/solution that will be built - we could check either/both of those to safety-check before actually invoking MSBuild.

[richlander]

Sounds good. I'll close this issue and make a feature request at dotnet/sdk since issue transfer doesn't work across orgs (AFAIK).